Lucene search
K

4 matches found

OSV
OSV
added 2026/05/13 3:29 p.m.5 views

GHSA-96QJ-4JJ5-WCJC Traefik: Gateway API TraefikService backend accepts rest@internal, allowing unauthorized exposure of the REST provider despite providers.rest.insecure=false

Summary There is a medium severity vulnerability in Traefik's Kubernetes Gateway API provider that allows a tenant with HTTPRoute creation permissions to expose the REST provider handler, bypassing the providers.rest.insecure=false setting. The Gateway provider accepts any TraefikService backend...

6.4CVSS5.9AI score0.00457EPSS
Exploits1References6
EUVD
EUVD
added 2026/05/08 12:31 p.m.12 views

EUVD-2026-28547

Weak credentials in the CashDro 3 web administration panel, version 24.01.00.26, where the platform allows the use of numeric PINs for user authentication. The system supports the use of PIN-based credentials, maintaining compatibility with POS software integrations deployed since 2012. This coul...

9.3CVSS5.8AI score0.00324EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/10 9:16 p.m.4 views

CVE-2021-47731

Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows unauthorized configuration access through an undocumented page. Attackers can exploit the hidden endpoint by using the hard-coded password 'Selea781830' to enable configuration upload and overwrite...

9.3CVSS7.1AI score0.00437EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.6 views

PT-2025-50265

Name of the Vulnerable Software and Affected Versions Selea Targa IP OCR-ANPR Camera affected versions not specified Description The Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password that allows unauthorized configuration access. An attacker can exploit a hidden endpoint usi...

9.3CVSS6.8AI score0.00437EPSS
Exploits1References8
Rows per page
Query Builder