15 matches found
CVE-2024-25140
A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with Enhanced Key Usage of Code Signing (1.3.6.1.5.5.7.3.3), valid from 2023 until 2033. This is potentially unwanted, e.g., because there is no public documentation of...
CVE-2025-31362
A use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside robot files may be obtained if the encryption key is available. The vendor provides workaround information and recommends applying it to the deployment environment...
CVE-2025-31362
BizRobo! is affected by CVE-2025-31362 due to use of a hard-coded cryptographic key (CWE-321). Credentials inside robot files may be obtained if the encryption key is available. Affected product: BizRobo! all versions. Impact stated: credentials in robot files may be disclosed when the key is kno...
SNMP service is enabled by default in Sharp NEC Display Solutions projectors
Overview Multiple projectors provided by Sharp NEC Display Solutions, Ltd. are configured with the SNMP service enabled by default, and can therefore be accessed by specifying the SNMP community name "public" (CWE-1242, CVE-2024-7011). SNMP service configuration enable/disable cannot be changed on the manageme...
PHP Captcha / Securimage 2.0.2 - Authentication Bypass - SO-11-007
No description provided by source. Sense of Security - Security Advisory - SOS-11-007 Release Date. 20-May-2011 Last Update. - Vendor Notification Date. 04-Apr-2011 Product. Securimage / PHPCaptcha Platform. PHP Affected versions. 1.0.4 - 2.0.2 Severity Rating. Medium Impact. Authentication bypas...
[KIS-2014-06] Dotclear <= 2.6.2 (Media Manager) Unrestricted File Upload Vulnerability
Dotclear <= 2.6.2 (Media Manager) Unrestricted File Upload Vulnerability - Software Link: http://dotclear.org/ - Affected Versions: Version 2.6.2 and...
Dotclear 2.6.2 Arbitrary File Upload
Dotclear <= 2.6.2 (Media Manager) Unrestricted File Upload Vulnerability - Software Link: http://dotclear.org/ - Affected Versions: Version 2.6.2 and...
Allied Telesis AT-RG634A ADSL Broadband Router - Unauthenticated Webshell
Exploit for hardware platform in category web applications Title: Allied Telesis AT-RG634A ADSL Broadband router hidden administrative unauthenticated webshell. Vulnerability Information: - CVE: CVE-2014-1982 - Type of Vulnerability: - CWE-78 : OS Command Injection - CWE-306 : Missing...
PHPCaptcha / Securimage 2.0.2 - Authentication Bypass - SOS-11-007
Sense of Security - Security Advisory - SOS-11-007 Release Date. 20-May-2011 Last Update. - Vendor Notification Date. 04-Apr-2011 Product. Securimage / PHPCaptcha Platform. PHP Affected versions. 1.0.4 - 2.0.2 Severity Rating. Medium Impact. Authentication bypass Attack Vector. Remote without...
PHP Captcha Securimage 2.0.2 - Authentication Bypass
PHP Captcha Securimage 2.0.2 - Authentication Bypass Sense of Security - Security Advisory - SOS-11-007 Release Date. 20-May-2011 Last Update. - Vendor Notification Date. 04-Apr-2011 Product. Securimage / PHPCaptcha Platform. PHP Affected versions. 1.0.4 - 2.0.2 Severity Rating. Medium Impact...
PHP Captcha / Securimage 2.0.2 - Authentication Bypass
Sense of Security - Security Advisory - SOS-11-007 Release Date. 20-May-2011 Last Update. - Vendor Notification Date. 04-Apr-2011 Product. Securimage / PHPCaptcha Platform. PHP Affected versions. 1.0.4 - 2.0.2 Severity Rating. Medium Impact. Authentication bypass Attack Vector. Remote without...
EMC Celerra NAS Appliance - Unauthorized Access to Root NFS Export
EMC Celerra NAS Appliance - Unauthorized Access to Root NFS Export Trustwave's SpiderLabs Security Advisory TWSL2010-003: Unauthorized access to root NFS export on EMC Celerra Network Attached Storage (NAS) appliance https://www.trustwave.com/spiderlabs/advisories/TWSL2010-003.txt Published:...
IPv6 implementations insecurely update Forwarding Information Base
Overview A vulnerability in some implementations of the IPv6 Neighbor Discovery Protocol may allow a nearby attacker to intercept traffic or cause congested links to become overloaded. Description IPv6 networks use the Neighbor Discovery Protocol (NDP) to detect and locate routers and other on-link...
JP1/Cm2/Network Node Manager Denial of Service Vulnerability
Overview The JP1/Cm2/Network Node Manager (NNM) has a vulnerability that can be exploited to cause a denial of service (DoS). Impact A remote attacker could cause a denial of service (DoS). Solution Please refer to the 'Vendor Information' section for the recommended workaround...
MTCMS WYSIWYG Editor cross-site scripting vulnerability
Overview MTCMS WYSIWYG Editor, weblog management software from SKYARC System, contains a cross-site scripting vulnerability. MTCMS WYSIWYG Editor from SKYARC System is management software used to update Movable Type contents, etc. The install.cgi in MTCMS WYSIWYG Editor contains a cross-site...