CVE-2025-15563 Broken Access Control results in Denial of Service in NesterSoft WorkTime
Any unauthenticated user can reset the WorkTime on-prem database configuration by sending a specific HTTP request to the WorkTime server. No authorization check is applied here...
EUVD-2025-20244
Malicious code in bioql PyPI...
CVE-2025-43932
JobCenter through 7e7b0b2 allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header...
PT-2025-28174 · Pypi · Flask-Boilerplate
Name of the Vulnerable Software and Affected Versions: flask-boilerplate versions through a170e7c. Description: The issue allows account takeover via the password reset feature. This is because SERVER_NAME is not configured, and thus the password reset depends on the Host HTTP header...
CVE-2022-43470
Cross-site request forgery (CSRF) vulnerability in +F FS040U software versions v2.3.4 and earlier, +F FS020W software versions v4.0.0 and earlier, +F FS030W software versions v3.3.5 and earlier, and +F FS040W software versions v1.4.1 and earlier allows an adjacent attacker to hijack the...
Cross-site request forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability in +F FS040U software versions v2.3.4 and earlier, +F FS020W software versions v4.0.0 and earlier, +F FS030W software versions v3.3.5 and earlier, and +F FS040W software versions v1.4.1 and earlier allows an adjacent attacker to hijack the...
PT-2022-26932 · Fs020W +3 · Fs020W +3
Name of the Vulnerable Software and Affected Versions: +F FS040U versions v2.3.4 and earlier; +F FS020W versions v4.0.0 and earlier; +F FS030W versions v3.3.5 and earlier; +F FS040W versions v1.4.1 and earlier. Description: A cross-site request forgery (CSRF) issue allows an adjacent attacker to hijack...
CVE-2017-18677
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. Because of an unprotected Intent, an attacker can reset the configuration of certain applications. The Samsung ID is SVE-2016-7142 (April 2017)...
Cisco Web Security Appliance AsyncOS Software Access Control Error Vulnerability
The Cisco Web Security Appliance (WSA) is a web security appliance from Cisco. The appliance provides SaaS-based access control, real-time web reporting and tracking, and security policy formulation. AsyncOS Software is the operating system used in it. AsyncOS Software is an operating system used in...
How to Reset NetScaler MAS to Default Configuration
Citrix ADM (formerly NetScaler MAS). This article describes how to reset NetScaler MAS to default configuration...
CVE-2004-1540
ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other versions, with HTTP Remote Administration enabled, do not require a password to access rpFWUpload.html, which allows remote attackers to reset the router configuration file...