EUVD-2022-28960

Malicious code in bioql PyPI...

CVE-2020-4996

IBM Security Identity Governance and Intelligence 5.2.6 could allow a local user to obtain sensitive information via the capturing of screenshots of authentication credentials. IBM X-Force ID: 192913...

Information disclosure

An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of...

CVE-2017-6432

The CVE-2017-6432 entry concerns Dahua DHI-HCVR7216A-S3 devices (firmware 3.210.0001.10, build 2016-06-06). The Dahua DVR protocol on TCP port 37777 is an unencrypted binary protocol; a Man-in-the-Middle can sniff and inject packets, enabling creation of fully privileged new users and capture of ...

KLA10502 Multiple vulnerabilities in BACnet OPC Server

Multiple critical vulnerabilities have been found in BACnet OPC Server. Malicious users can exploit these vulnerabilities to execute arbitrary files and read&write local database. Below is a complete list of vulnerabilities 1. An unknwon vulnerabilities can be exploited remotely via unknown vecto...

Outlook Web Access URL Injection

Due to a lack of sanitization of the user input, the remote version of Microsoft Outlook Web Access 2003 is vulnerable to URL injection which can be exploited to redirect a user to a different, unauthorized web server after authenticating to OWA. SPDX-FileCopyrightText: 2005 Michael J. Richardson...