CVE-2026-1789
A vulnerability in the browser-based remote management interface may allow an administrator to access sensitive information on the device via crafted requests, affecting certain production printers and office/small office multifunction printers...
[SECURITY] Fedora 42 Update: incus-6.23-3.fc42
Container hypervisor based on LXC. Incus offers a REST API to remotely manage containers over the network, using an image based work-flow and with support for live migration. This package contains the Incus daemon...
CVE-2003-1363
The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port 9999, which allows remote attackers to mount brute force attacks on the administration console without detection...
EUVD-2009-2673
Malware in sbrugna...
EUVD-2008-3764
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-10104
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In several JetBrains IntelliJ IDEA Ultimate versions, an Application Server run configuration for Tomcat, Jetty, Resin, or CloudBees with the default setting...
CVE-2020-23621
The Java Remote Management Interface of all versions of SVI MS Management System was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object...
Ricoh Web Image Monitor Cross-Site Scripting Vulnerability
Ricoh Web Image Monitor is a web management interface for multifunction printing devices from Ricoh Japan that provides remote monitoring and configuration capabilities. A cross-site scripting vulnerability exists in Ricoh Web Image Monitor, which stems from reflected cross-site scripting in lase...
CVE-2024-42457
A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose saved credentials by leveraging a combination of methods in a remote management interface. This can be achieved using a session object that allows for credential enumeration and exploitation, leading ...
Netgear Unauthenticated SOAP Password Extractor
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear Unauthenticated SOAP Password Extractor', 'Description' = %q This module exploits an authentication bypass vulnerability in different...
CVE-2022-37022
Apache Geode versions up to 1.12.2 and 1.13.2 are vulnerable to a deserialization of untrusted data flaw when using JMX over RMI on Java 11. Any user wishing to protect against deserialization attacks involving JMX or RMI should upgrade to Apache Geode 1.15. Use of 1.15 on Java 11 will...
Arista Networks Arista EOS Security Vulnerability
Arista Networks Arista EOS is a scalable operating system for data centers and cloud network centers from Arista Networks, Inc. Arista EOS builds cloud architectures that scale to hundreds of thousands of compute and storage nodes with management and provisioning capabilities for large-scale jobs...
CVE-2020-23620
The Java Remote Management Interface of all versions of Orlansoft ERP was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object...
Deserialization of untrusted data
The Java Remote Management Interface of all versions of Orlansoft ERP was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object...
CVE-2020-23621
CVE-2020-23621 affects the SVI MS Management System via insecure deserialization in the Java Remote Management Interface across all versions, enabling arbitrary code execution through a crafted serialized Java object. The issue is rooted in how user-supplied content is deserialized. Documented im...
CVE-2020-15835
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The authentication function contains undocumented code that provides the ability to authenticate as root without knowing the actual root password. An adversary with the private key can remotely authenticate to the...
CVE-2020-27129
A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges. The vulnerability is due to improper validation of commands to the remote management CLI of the...
Cisco Firepower Threat Defense Software Management Interface DoS (cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU)
According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a denial of service (DoS) vulnerability in the management interface due to how FTD handles session timeouts for management connections. An unauthenticated, remote attacker can exploit this issue, by sendi...
CVE-2020-3280 Cisco Unified CCX Preauth RCE
A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affecte...