XNU suffers from a flow divert race condition use-after-free vulnerability.
>> AUTHOR: deepcore
XNU suffers from a flow divert race condition use-after-free vulnerability.
phpIPAM version 1.4.5 suffers from an authenticated remote code execution vulnerability.
TP-Link AX50 router with firmware 210730 suffers from an authenticated remote code execution vulnerability.
SolarView Compact version 6.00 suffers from multiple cross site scripting vulnerabilities.
Gentics CMS version 5.36.29 suffers from persistent cross site scripting and unsafe java deserialization vulnerabilities.
SoftGuard Web (SGW) versions prior to 5.1.5 suffer from html injection and arbitrary file system access allow for file downloads.
Mitel 6800/6900 Series SIP Phones excluding 6970 and Mitel 6900 Series IP (MiNet) Phones have a flow to spawn a telnet backdoor on the device with a static root password…
Nexans FTTO GigaSwitch industrial/office switches HW version 5 suffer from having a hardcoded backdoor user and multiple outdated vulnerable software components.
When analyzing the USB flash drive Lepin EP-KP001, Matthias Deeg found out that it uses an insecure hardware design which allows an attacker to bypass the password-based user authentication.
SIEMENS-SINEMA Remote Connect versions 3.0.1.0-01.01.00.02 and below suffer from a cross site scripting vulnerability.