CVE-2021-35943

Couchbase Server 6.5.x and 6.6.x through 6.6.2 has Incorrect Access Control. Externally managed users are not prevented from using an empty password, per RFC4513...

CVE-2025-2562

Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corresponding log event, via the use of the autotyping functionality. This issue affects Remote Desktop Manager versions from...

CVE-2025-2600

Improper authorization in the variable component in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use the ELEVATEDPASSWORD variable even though not allowed by the "Allow password in variable policy". This issue affects Remote Desktop Manager versions from 2025.1.24...

Teldat RS123和Teldat RS123w 安全漏洞

Teldat RS123 and Teldat RS123w are both routers from Teldat. A security vulnerability exists in Teldat RS123 and Teldat RS123w that stems from unrestricted use of weak passwords...

Google Chrome Resource Management Error Vulnerability (CNVD-2020-62477)

Google Chrome is a web browser from Google, an American company. A security vulnerability in versions of Google Chrome prior to 86.0.4240.99 allows an attacker to perform sandbox escaping to affect the renderer process via a carefully crafted HTML page after using a password in the browser...

GAO Calls out the FDIC

It’s not always malicious hackers and purported state actors that expose weaknesses in government systems. Sometime it’s other government agencies as well. This was the case when federal watchdog, the Government Accountability Office, audited and subsequently called out the Federal Deposit...