Unprotected API lets remote users control Philips Taolight Smart Wi-Fi Wiz Control
Overview : Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb API Flaws Affected Product(s) : Philips Taolight Smart Wi-Fi Wiz
Overview : some issues found in phpbb 3.0.x-3.0.6 with an XSS vulnerability. Affected Product(s) : phpbb 3.0.x-3.0.6 Vulnerability Details :
Overview : New vulnerabilities discovered in SAP products Affected Product(s) : SAP Vulnerability Details : CVE ID : CVE-2019-0388 [[CVE-2019-0388] Content
Overview : An attacker can trick a privileged user while using WSO2 IS as Key Manager Affected Product(s) : WSO2
Overview : Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Affected Product(s) : Matrix Synapse before 1.5.0
Overview : An access control issue in MantisBT before 1.2.13 allows users with “Reporter” permissions to change any issue to
Overview : Apache CXF OpenId Connect token service does not properly validate the clientId Affected Product(s) : Apache CXF prior
Overview : drupal6: SA-CORE-2010-002 – Drupal core – Multiple vulnerabilities Affected Product(s) : Drupal6 version 6.16 Vulnerability Details : CVE
Overview : SuiteCRM 7.10.x versions prior to 7.10.21 and 7.11.x versions prior to 7.11.9 allow SQL Injection. Affected Product(s) :
Overview : linux vserver privilege escalation in remount code Affected Product(s) : linux vserver 2.6 before 2.6.17 Vulnerability Details :
Overview : Multiple flaws were discovered in Joomla 3.2.0 – 3.9.12 Affected Product(s) : Joomla! CMS versions 3.2.0 – 3.9.12
Overview : An insecure temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files.
Overview : Multiple flaws were discovered in TYPO3 Core Affected Product(s) : TYPO3 versions 4.1.13 and below, 4.2.12 and below,
Overview : Multiple flaws were discovered in Honeywell equIP and Performance Series IP Cameras Affected Product(s) : Security Notification SN
Overview : An insecure direct object reference (IDOR) vulnerability exists in Magento Affected Product(s) : Magento 2.3 prior to 2.3.1,
Overview : SugarCRM CE <= 6.3.1 contains scripts that use “unserialize()” with user controlled input which allows remote attackers to
Overview : Multiple flaws were discovered in postgresql Affected Product(s) : postgresql 9.4 – 11 postgresql 11.x before 11.5 Vulnerability
Overview : In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could
Overview : Zend Framework before 2.2.10 and 2.3.x before 2.3.5 has Potential SQL injection in PostgreSQL Zend\Db adapter. Affected Product(s)
Overview : Multiple security vulnerabilities in TP-Link M7350 devices Affected Product(s) : TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n
Overview : Multiple security vulnerabilities have been updated in IBM products Affected Product(s) : IBM Maximo Asset Management 7.6 IBM
Overview : Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. Earlier versions of Apache Traffic Server didn’t limit
Overview : IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused
Overview : Authenticated SQL Injection in interface/forms/eye_mag/js/eye_base.php in OpenEMR through 5.0.2 allows a user to extract arbitrary data from the