NC450 version 1.5.0 Build 181022 Rel.3A033D contains a hardcoded root credential within its Linux distribution image.
WordPress Form Maker plugin version 1.13.2 suffers from cross site request forgery and local file inclusion vulnerabilities.
Dell EMC IsilonSD Management Server version 1.1.1 contains fixes for two cross site scripting (XSS) security vulnerabilities, which could potentially be exploited by malicious users to compromise the affected system.
hardwear is seeking innovative research on hardware security. If you have done interesting research on attacks on, or mitigations for, any hardware and want to showcase it to the security community, submit your research paper. A conference in the USA will take place June 11th through the 14th, 2019, and another will take place in the Netherlands September 23rd through the 27th.
Open-Xchange AppSuite versions 7.10.1 and below suffer from information exposure and improper access control vulnerabilities.
The c0c0n 2019 call for papers has been announced. It will take place September 25th through the 28th, 2019 at the Grand Hyatt, Kochi (Cochin), Kerala, India.
Debian Linux Security Advisory 4424-1 - Adam Dobrawy, Frederico Silva and Gregory Brzeski from HyperOne.com discovered that pdns, an authoritative DNS server, did not properly validate user-supplied data when building an HTTP request from a DNS query in the HTTP Connector of the Remote backend. This would allow a remote user to cause either a denial of service or information disclosure.
Tradebox CryptoCurrency version 5.4 suffers from a remote SQL injection vulnerability.
Administrative credentials submitted to the Arris Touchstone TG1672 are sent over HTTP, base64-encoded, in a GET request.
Uniqkey Password Manager version 1.14 suffers from a credential disclosure vulnerability.
ManageEngine ServiceDesk Plus version 9.3 suffers from a user enumeration vulnerability.
QNAP Netatalk versions prior to 3.1.12 suffer from an authentication bypass vulnerability.
Uniqkey Password Manager version 1.14 suffers from a denial of service vulnerability.
Download Accelerator Plus (DAP) version 10.0.6.0 SEH buffer overflow exploit.
SaLICru -SLC-20-cube3(5) suffers from an HTML injection vulnerability.