| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Brother MFC-9970CDW devices with firmware 0D allow cleartext submission of passwords. |
| TP-LINK TL-WR1043ND V1_120405 devices contain an unspecified denial of service vulnerability. |
| MiniUPnPd has information disclosure use of snprintf() |
| An Access vulnerability exists in FOSCAM IP Camera FI8620 due to insufficient access restrictions in the /tmpfs/ and /log/ directories, which could let a malicious user obtain sensitive information. |
| A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files. |
| A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream. |
| An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information. |
| SimpleHRM 2.3 and earlier could allow remote attackers to bypass the authentication process in 'user_manager.php' via spoofing a cookie. |
| Directory traversal vulnerability in AWS XMS 2.5 allows remote attackers to view arbitrary files via the 'what' parameter. |
| PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system. |
| Cryptocat strophe.js before 2.0.22 has information disclosure |
| Cryptocat before 2.0.22 Chrome Extension 'img/keygen.gif' has Information Disclosure |
| Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness |
| SaltStack RSA Key Generation allows remote users to decrypt communications |
| GLPI 0.83.7 has Local File Inclusion in common.tabs.php. |
| Monkey HTTP Daemon has local security bypass |
| The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack. |
| WordPress plugin wp-cleanfix has Remote Code Execution |
| webauth before 4.6.1 has authentication credential disclosure |
| OpenShift cartridge allows remote URL retrieval |
