EUVD-2020-16981
Malware in sbrugna...
CVE-2025-55443
Telpo MDM 1.4.6 through 1.4.9 for Android contains sensitive administrator credentials and MQTT server connection details (IP/port) that are stored in plaintext within log files on the device's external storage. This allows attackers with access to these logs to: 1. Authenticate to the MDM web platfor...
PHOENIX CONTACT CHARX SEC-3000 Security Vulnerability
PHOENIX CONTACT CHARX SEC is a series of AC charge controllers from PHOENIX CONTACT, Germany. A security vulnerability exists in PHOENIX CONTACT CHARX SEC-3000 version 1.5.1 and earlier, in which an unauthenticated, remote attacker can extract session tokens via a MitM attack...
Linksys WRT54GL Command Injection Vulnerability
Linksys WRT54GL is a wireless router from Linksys USA. A security vulnerability exists in Linksys WRT54GL version 4.30.18.006. By exploiting this vulnerability to gain web administrative privileges, an attacker can inject commands into the post request parameters wlant, wlrate, wlattenctl, ttcpnu...
ROS communications-related packages input validation error vulnerability
ROS communications-related packages is a package related to ROS (Robot Operating System) communications. An input validation error vulnerability exists in parseOptions in the tools/rosbag/src/record.cpp file in ROS communications-related packages version 1.14.3 and earlier. The vulnerability stems...
GNU LibreDWG Double Release Vulnerability
GNU LibreDWG is a GNU Project C library for working with DWG files. A double release vulnerability exists in the 'dwgfree' function of the free.c file in GNU LibreDWG versions prior to 0.93. The vulnerability stems from mismanagement of system resources (e.g., memory, disk space, files, etc.) by a...
Percona Server Authorization Issues Vulnerability
Percona Server is an open source relational database management system. An authorization issue vulnerability exists in Percona Server version 5.6.44-85.0-1 (Debian and Ubuntu). The vulnerability stems from a lack of authentication measures or insufficient authentication strength in a networked...
50m-ctf: Weak credentials, Blind SQLi, Timing attack, that leads to web admin access
Summary: Discovery of the application: The h1Thermostat application was discovered by extracting the bit.do URL from the image at https://pbs.twimg.com/media/D0XoThpW0AE2r8S.png:large. The URL https://bit.do/h1therm then led to a Google Drive where the Android application file h1thermostat.apk...
LG Electronics mobile access routers lack access restrictions
Overview: LG Electronics mobile access routers provided by NTT DOCOMO, INC. lack access restrictions in the web administration interface. Taiga Asano reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact: An attacke...
WinCom LPD Server multiple security vulnerabilities
LPD buffer overflow with oversized filename, unauthorized web admin interface access, buffer and integer overflows...