A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations…

By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity…

An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this…

An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS…

A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report ODS Remote Connector 20.2.16900.0. A specially-crafted command injection can lead to elevated…

An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function read_udp_push_config_file. A specially-crafted network…

An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function recv_server_device_response_msg_process. A specially-crafted network…

Mahavitaran android application 7.50 and prior are affected by account takeover due to improper OTP validation, allows remote attackers to control a users account. Devamını…

Mahavitaran android application 7.50 and prior are affected by account takeover due to improper OTP validation, allows remote attackers to control a users account. Devamını…

An improper intent redirection handling in Tags prior to SMR Dec-2021 Release 1 allows attackers to access sensitive information. Devamını Oku