180 matches found
The vulnerability of the WAGO Ethernet controller, related to deficiencies in authentication procedures, allows a perpetrator to alter certain special parameters without being authenticated.
The vulnerability of the WAGO Ethernet controller is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to modify certain special parameters without being authenticated...
CVE-2020-17409
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6260, R6220, R6020, JNR3210, and WNR2020 routers with firmware 1.0.66. Authentication is not required to exploit this vulnerability. The specific flaw exists...
Authentication flaw
SoPlanning before 1.47 doesn't correctly check the security key used to publicly share plannings. It allows a bypass to get access without authentication...
CVE-2020-10917
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of proper validation of...
bluez: failure in disabling Bluetooth discoverability in certain cases may lead to the unauthorized pairing of Bluetooth devices
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication...
Samsung Mobile Device Access Control Error Vulnerability
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. The Samsung Mobile Device Access Control Error vulnerability can be exploited by an attacker to access Gallery albums in Secure Folder without authentication...
Teradici PCoIP Management Console Security Vulnerability
Teradici PCoIP Management Console is a console program for managing PCoIP clients from Teradici Canada. A security vulnerability exists in Teradici PCoIP Management Console versions 20.01.0 and 19.11.1. The vulnerability can be exploited by an attacker to reset a password without authentication...
Samsung Mobile Device Authorization Issue Vulnerability (CNVD-2020-32862)
Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An authorization issue vulnerability exists in Samsung mobile devices, which can be exploited by attackers to modify USB configuration without authentication...
Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-30406)
Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An unspecified vulnerability exists in Samsung mobile devices, which can be exploited by attackers to modify security settings without authentication...
CVE-2019-20595
An issue was discovered on Samsung mobile devices with P9.0 software. Quick Panel allows enabling or disabling the Bluetooth stack without authentication. The Samsung ID is SVE-2019-14545 July 2019...
PT-2020-6770 · Unknown · Centos Web Panel
Name of the Vulnerable Software and Affected Versions: CentOS Web Panel versions cwp-e17.0.9.8.923 Description: The issue is related to the implementation of the ajax mod security.php script in CentOS Web Panel, where the archivo parameter does not properly neutralize special elements in...
Unspecified vulnerability in Anviz access control devices (CNVD-2019-44971)
Anviz access control devices is an access control device from Anviz China. A security vulnerability exists in Anviz access control devices. The vulnerability can be exploited by an attacker to change the administrator password without authentication...
CVE-2019-15073
An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication. This vulnerability affects many mail system of governments, organizations, companies and universities...
MikroTik RouterOS File Deletion Vulnerability (CVE-2019-15055)
MikroTik RouterOS is prone to an authenticated file deletion vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
DEBIAN-CVE-2019-12815
An arbitrary file copy vulnerability in modcopy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306...
UBUNTU-CVE-2019-12815
An arbitrary file copy vulnerability in modcopy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306...
PT-2019-9479 · Comodo · Comodo Utm Firewall
Name of the Vulnerable Software and Affected Versions: Comodo UTM Firewall versions prior to 2.7.0 Description: The issue allows remote attackers to execute arbitrary code without authentication via a crafted URL. This is related to the Web Console in Comodo UTM Firewall. Recommendations: For...
daveismyname simple-cms authentication flaw vulnerability
daveismyname simple-cms is a content management system CMS. A security vulnerability exists in daveismyname simple-cms on 2014-03-11 and earlier versions, which stems from adding pages without authentication. An attacker can exploit the vulnerability to add pages...
CVE-2016-9490
ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from a Reflected Cross-Site Scripting vulnerability. Applications Manager is prone to a Cross-Site Scripting vulnerability in parameter LIMIT, in URL path /DiagAlertAction.do?REQTYPE=AJAX&LIMIT=1233. The URL is also...
Pelco Sarix Pro Network Camera set_param Program Has an Override Access Vulnerability
pelco Sarix Professional is a video camera. An override access vulnerability exists in the pelco Sarix Pro network camera setparam program. The vulnerability allows attackers to remotely enable ssh services without authentication to take full control of the camera...