19 matches found
OpenClaw OS Command Injection Vulnerability (CNVD-2026-15059)
OpenClaw is an automation tool for executing system commands. An authentication bypass vulnerability exists in versions prior to OpenClaw 2026.2.21 that stems from the system failing to enforce secure authentication when the allowInsecureAuth setting is explicitly enabled and the gateway is expos...
StarDict 安全漏洞
StarDict is a desktop dictionary software from StarDict open source. A security vulnerability exists in StarDict version 3.0.7+git20220909+dfsg-6, which stems from the YouDao plugin sending X11 selections to a remote server via plaintext HTTP...
ALPINE-CVE-2024-2004
When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been...
DEBIAN-CVE-2024-2004
When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been...
AZL-37087 CVE-2024-2004 affecting package cmake for versions less than 3.30.3-2
When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been...
CVE-2024-2004
When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been...
CURL-CVE-2024-2004 Usage of disabled protocol
When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been...
CVE-2024-2004
When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been...
CVE-2024-2004
When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been...
CVE-2018-11421
The CVE-2018-11421 entry affects Moxa OnCell G3100-HSPA Series, specifically version 1.6 Build 17100315 and prior. The root cause is a proprietary monitoring protocol that provides no confidentiality, integrity, or authenticity protections, sending information in plain text. Impact stated across ...
Dedicated Micros DVR products use plaintext protocols and require no password by default
Overview Dedicated Micros DVR products, including the DV-IP Express, SD Advanced, SD, EcoSense, and DS2, by default use plaintext protocols and require no password. Description CWE-311: Missing Encryption of Sensitive Data Dedicated Micros DVR products by default use HTTP, telnet, and FTP rather...
Thomson Wireless VoIP Cable Modem Auth Bypass
No description provided by source. Exploit Title: Thomson Wireless VoIP Cable Modem Auth Bypass Date: February 22, 2011 Authors: Glafkos Charalambous, George Nicolaou Product: TWG850-4 Wireless VoIP Cable Modem Software Version: ST9A.01.06 Severity: High Other Vulnerabilities: Unauthenticated...
Lynx Message Server Multiple Vulnerabilities
No description provided by source. 1. Summary The Micro Technology Services Inc. Lynx Message Server 7.11.10.2 and/or LynxTCPService version 1.1.62 web interface is vulnerable to SQL Injection, Cross-Site Scripting, and other security problems. 2. Description Lynx is a Facility wide Duress and...
Thomson Wireless VoIP Cable Modem Authentication Bypass
Exploit Title: Thomson Wireless VoIP Cable Modem Auth Bypass Date: February 22, 2011 Authors: Glafkos Charalambous, George Nicolaou Product: TWG850-4 Wireless VoIP Cable Modem Software Version: ST9A.01.06 Severity: High Other Vulnerabilities: Unauthenticated Backup File Access, Plaintext Protocol...
Manhali v1.8 Local File Inclusion Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Thomson Wireless VoIP Cable Modem Auth Bypass Date: February 22, 2011 Authors: Glafkos Charalambous, George Nicolaou Product: TWG850-4 Wireless VoIP Cable Modem Software Version: ST9A.01.06 Severity: High Other...
Thomson Wireless VoIP Cable Modem Auth Bypass
Exploit for hardware platform in category web applications Exploit Title: Thomson Wireless VoIP Cable Modem Auth Bypass Date: February 22, 2011 Authors: Glafkos Charalambous, George Nicolaou Product: TWG850-4 Wireless VoIP Cable Modem Software Version: ST9A.01.06 Severity: High Other...
Lynx Message Server - Multiple Vulnerabilities
Lynx Message Server - Multiple Vulnerabilities 1. Summary The Micro Technology Services Inc. "Lynx Message Server 7.11.10.2" and/or "LynxTCPService version 1.1.62" web interface is vulnerable to SQL Injection, Cross-Site Scripting, and other security problems. 2. Description Lynx is a "Facility...
Lynx Message Server 7.11.10.2 Cross Site Scripting / SQL Injection
Summary The Micro Technology Services Inc. "Lynx Message Server 7.11.10.2" and/or "LynxTCPService version 1.1.62" web interface is vulnerable to SQL Injection, Cross-Site Scripting, and other security problems. 2. Description Lynx is a "Facility wide Duress and Emergency Notification" system...
INFIGO-2007-04-05: Enterprise Security Analyzer server remote buffer overflows
INFIGO IS Security Advisory ADV-2007-04-01 http://www.infigo.hr/ Title: Enterprise Security Analyzer server remote buffer overflows Advisory ID: INFIGO-2007-08 Date: 2007-04-05 Advisory URL: http://www.infigo.hr/en/infocus/advisories/INFIGO-2006-08-04 Impact: Remote code execution preauth Risk...