CVE-2022-47616
Hitron CODA-5310 has insufficient filtering for specific parameters in the connection test function. A remote attacker authenticated as an administrator, can use the management page to perform command ...
Continue Reading
June 02, 2023
CVE-2022-46308
SGUDA U-Lock central lock control serviceâs user management function has incorrect authorization. A remote attacker with general user privilege can exploit this vulnerability to call privileged A ...
Continue Reading
June 02, 2023
CVE-2023-30602
Hitron Technologies CODA-5310âs Telnet function transfers sensitive data in plaintext. An unauthenticated remote attacker can exploit this vulnerability to access credentials of normal users and ...
Continue Reading
June 02, 2023
CVE-2022-47617
Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker authenticated as an administrator can decrypt system files using the hard-coded keys for file access, ...
Continue Reading
June 02, 2023
CVE-2022-46307
SGUDA U-Lock central lock control serviceâs lock management function has incorrect authorization. A remote attacker with general privilege can exploit this vulnerability to call privileged APIs t ...
Continue Reading
June 02, 2023
CVE-2023-28702
ASUS RT-AC86U does not filter special characters for parameters in specific web URLs. A remote attacker with normal user privileges can exploit this vulnerability to perform command injection attack t ...
Continue Reading
June 02, 2023
CVE-2023-28704
Furbo dog camera has insufficient filtering for special parameter of device log management function. An unauthenticated remote attacker in the Bluetooth network with normal user privileges can exploit ...
Continue Reading
June 02, 2023
CVE-2023-28699
Wade Graphic Design FANTSY has a vulnerability of insufficient filtering for file type in its file update function. An authenticated remote attacker with general user privilege can exploit this vulner ...
Continue Reading
June 02, 2023
[SECURITY] Fedora 38 Update: mod_auth_openidc-2.4.13.2-1.fc38
This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.Read More ...
Continue Reading
June 01, 2023
Kyverno vulnerable due to usage of insecure cipher
### Summary Insecure 3DES ciphers are used which may lead to exploitation of the [Sweet32 vulnerability](https://sweet32.info/). Specifically, the ciphers TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r ...
Continue Reading
May 30, 2023
