CVE Alert: CVE-2025-27449
Vulnerability Summary: CVE-2025-27449 The MEAC300-FNADE4 does not implement sufficient measures to prevent multiple failed authentication attempts within a short time...
Vulnerabilities
CVE Alert: CVE-2025-27456
Vulnerability Summary: CVE-2025-27456 The SMB server's login mechanism does not implement sufficient measures to prevent multiple failed authentication attempts within...
CVE Alert: CVE-2025-27457
Vulnerability Summary: CVE-2025-27457 All communication between the VNC server and client(s) is unencrypted. This allows an attacker to intercept the...
CVE Alert: CVE-2025-1711
Vulnerability Summary: CVE-2025-1711 Multiple services of the DUT as well as different scopes of the same service reuse the same...
CVE Alert: CVE-2025-27458
Vulnerability Summary: CVE-2025-27458 The VNC authentication mechanism bases on a challenge-response system where both server and client use the same...
CVE Alert: CVE-2025-1710
Vulnerability Summary: CVE-2025-1710 The maxView Storage Manager does not implement sufficient measures to prevent multiple failed authentication attempts within a...
CVE Alert: CVE-2025-27455
Vulnerability Summary: CVE-2025-27455 The web application is vulnerable to clickjacking attacks. The site can be embedded into another frame, allowing...
CVE Alert: CVE-2025-27454
Vulnerability Summary: CVE-2025-27454 The application is vulnerable to cross-site request forgery. An attacker can trick a valid, logged in user...
CVE Alert: CVE-2025-27453
Vulnerability Summary: CVE-2025-27453 The HttpOnly flag is set to false on the PHPSESSION cookie. Therefore, the cookie can be accessed...
CVE Alert: CVE-2025-27452
Vulnerability Summary: CVE-2025-27452 The configuration of the Apache httpd webserver which serves the MEAC300-FNADE4 web application, is partly insecure. There...
CVE Alert: CVE-2025-2540
Vulnerability Summary: CVE-2025-2540 Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled prettyPhoto library (version...
CVE Alert: CVE-2025-27459
Vulnerability Summary: CVE-2025-27459 The VNC application stores its passwords encrypted within the registry but uses DES for encryption. As DES...
CVE Alert: CVE-2025-49618
Vulnerability Summary: CVE-2025-49618 In Plesk Obsidian 18.0.69, unauthenticated requests to /login_up.php can reveal an AWS accessKeyId, secretAccessKey, region, and endpoint....
CVE Alert: CVE-2025-27461
Vulnerability Summary: CVE-2025-27461 During startup, the device automatically logs in the EPC2 Windows user without requesting a password. Affected Endpoints:...
CVE Alert: CVE-2025-27460
Vulnerability Summary: CVE-2025-27460 The hard drives of the device are not encrypted using a full volume encryption feature such as...
CVE Alert: CVE-2025-2537
Vulnerability Summary: CVE-2025-2537 Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled ThickBox JavaScript library...
CVE Alert: CVE-2025-3702
Vulnerability Summary: CVE-2025-3702 Missing Authorization vulnerability in Melapress Melapress File Monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue...
CVE Alert: CVE-2025-43713
Vulnerability Summary: CVE-2025-43713 ASNA Assist and ASNA Registrar before 2025-03-31 allow deserialization attacks against .NET remoting. These are Windows system...
CVE Alert: CVE-2025-49595
Vulnerability Summary: CVE-2025-49595 n8n is a workflow automation platform. Prior to version 1.99.0, there is a denial of Service vulnerability...
CVE Alert: CVE-2025-49032
Vulnerability Summary: CVE-2025-49032 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PublishPress Gutenberg Blocks allows Stored...
CVE Alert: CVE-2025-2932
Vulnerability Summary: CVE-2025-2932 The JKDEVKIT plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation...
CVE Alert: CVE-2025-50262
Vulnerability Summary: CVE-2025-50262 Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetQosBand function via the list parameter. Affected...
CVE Alert: CVE-2025-50263
Vulnerability Summary: CVE-2025-50263 Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the fromSetRouteStatic function via the list parameter. Affected...
CVE Alert: CVE-2025-50260
Vulnerability Summary: CVE-2025-50260 Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetFirewallCfg function via the firewallEn parameter. Affected...
