GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all current versions are affected, these devices use default or hard-coded credentials. Successful exploitation of this vulnerability ...

GE GEMNet License server (EchoServer) all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker t...

An Authentication Bypass by Spoofing issue was discovered in LAVA Ether-Serial Link (ESL) running firmware versions 6.01.00/29.03.2007 and prior versions. An improper authentication vulnerability has ...

GE Infinia/Infinia with Hawkeye 4 medical imaging systems all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow...

A Stack-based Buffer Overflow issue was discovered in WECON LEVI Studio HMI Editor v1.8.1 and prior. Multiple stack-based buffer overflow vulnerabilities have been identified in which the application ...

A Missing Authentication for Critical Function issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 or prior, and InTouch Machine Edition v8.0 SP2 or prior. InduSoft Web Studio prov...

An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to bypass authentication.

In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a logic error existed in the validation of credentials. This was addressed with improved ...

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "PCRE" product. Versions before 8.40 allow remote attackers to cause a denial of...

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "802.1X" component. It allows attackers to have an unspecified impact by leveraging TLS 1.0 ...

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "file" product. Versions before 5.31 allow remote attackers to cause a denial of...

Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configuration credentials in plaintext and transmits them in requests, which allows remote attackers to obtain sensitive information via ...

A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges. IBM X-Force ID: 126873.

The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().

The Amcrest IPM-721S Amcrest_IPC-AWXX_Eng_N_V2.420.AC00.17.R.20170322 allows HTTP requests that permit enabling various functionalities of the camera by using HTTP APIs, instead of the web management ...

The __skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel before 4.3 does not ensure that n_proto, ip_proto, and thoff are initialized, which allows remote attackers to cause a ...

Buffer overflow in the web server service in VX Search Enterprise 10.0.14 allows remote attackers to execute arbitrary code via a crafted GET request.

Privilege escalation in Replibit Backup Manager earlier than version 2017.08.04 allows attackers to gain root privileges via sudo command execution. The vi program can be accessed through sudo, in ord...

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains sensitive information in a insecure way. There is no salt for password hashing. Indeed passwords are stor...

A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an ...

The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.

The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().

The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().

The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().