The 3CX Phone System stores password in the clear as well as makes them exportable in the administration interface.
2c1705c4372ab218a33192a0a6965c618979430b30d44e4c74099369db74b516
The 3CX Client for Windows (legacy), Android, and iOS fails to properly validate TLS certificates.
074017ebf0abca4d37a8b67b240f167c0bec4bbfda44f67fe65cc2c9c71455a1
Ionic Identity Vault versions 5.0.4 and below suffer from a PIN unlock lockout bypass vulnerability on both Android and iOS.
6d043256140f16431c0ba31a27b2ed7b96bda2ffd3eebc36d63d48a045405df3
OpenVPN Monitor versions 1.1.3 and below suffer from a cross site request forgery vulnerability that allows an attacker to disconnect arbitrary VPN clients.
1f3480045376cc0f2cd806ce155a2c7af1486e8d2504fc839a567a574a2ca25d
OpenVPN Monitor versions 1.1.3 and below suffer from an injection vulnerability that allows an attacker to inject arbitrary commands into the OpenVPN server management interface socket.
4aac8e5a6173c4bf869dd5a55f56e9c252331247d5ba381aa933566cb18beba6
OpenVPN Monitor versions 1.1.3 and below suffer from an authorization bypass vulnerability that allows an attacker to disconnect arbitrary clients, even if the disconnect feature is disabled.
44443d6d17ea4c88ab04491310bc5cbff119d5c6333513c5f92e9d957fcdc127
Ionic Identity Vault versions 4.7 and below suffer from a biometric authentication bypass vulnerability on Android.
0937a4fec4ba4da6536fb54a86bc96cbee6f829e34003327e23d35d71714b309
Froala WYSIWYG HTML Editor versions 3.0.6 through 3.1.1 suffer from a cross site scripting vulnerability.
bdfe7870a6bfb2049e8c75da603ea32348be1f41280ca90de30fc97cec47171d
Siemens SICAM A8000 Series suffers from an XML injection denial of service vulnerability.
354a63d78ac4b5ab320b994b6c1ce672f98e673e216b330282677992fd04dbd8