A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.
A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of...
The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows (1) remote attackers to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 4...
D-Link DIR-100 4.03B07: cli.cgi security bypass due to failure to check authentication parameters
TRENDnet WiFi Baby Cam TV-IP743SIC has a password of admin for the backdoor root account.
Cisco RV110W, RV130W, and RV215W devices have an incorrect RBAC configuration for the default account, which allows remote authenticated users to obtain root access via a login session with that accou...
Huawei Video Content Management (VCM) before V100R001C10SPC001 does not properly "authenticate online user identities and privileges," which allows remote authenticated users to gain privileges and pe...