| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2018-0448 |
|
|
2019-10-09 |
7.5 |
| A vulnerability in the identity management service of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and take complete control of identity management functions. The... |
| CVE-2017-14262 |
1 Samsung |
4 Srn 1670d Firmware, Srn 472s Firmware, Srn 1000 Firmware and 1 more |
2019-10-03 |
9.3 |
| On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account via certain szUserName JSON data to cgi-bin/main-cgi, and login to the device with that hash in the szUserPasswd parameter. |
| CVE-2018-20810 |
1 Pulsesecure |
2 Pulse Connect Secure, Pulse Policy Secure |
2019-07-03 |
7.5 |
| Session data between cluster nodes during cluster synchronization is not properly encrypted in Pulse Secure Pulse Connect Secure (PCS) 8.3RX before 8.3R2 and Pulse Policy Secure (PPS) 5.4RX before 5.4R2. This is not applicable to PCS 8.1RX, PPS... |
| CVE-2017-11317 |
1 Telerik |
1 Ui For Asp.net Ajax |
2018-10-17 |
7.5 |
| Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code. |
| CVE-2018-15124 |
1 Zipato |
1 Zipabox Firmware |
2018-10-10 |
10.0 |
| Weak hashing algorithm in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Version -118 allows unauthenticated attacker extract clear text passwords and get root access on the device. |
| CVE-2017-1000486 |
1 Primetek |
1 Primefaces |
2018-01-24 |
7.5 |
| Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution |
| CVE-2017-14797 |
1 Philips |
1 Hue Bridge Bsb002 Firmware |
2017-11-21 |
7.9 |
| Lack of Transport Encryption in the public API in Philips Hue Bridge BSB002 SW 1707040932 allows remote attackers to read API keys (and consequently bypass the pushlink protection mechanism, and obtain complete control of the connected... |
| CVE-2014-9975 |
1 Google |
1 Android |
2017-08-23 |
10.0 |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback vulnerability potentially exists in Full Disk Encryption. |
| CVE-2015-0575 |
1 Google |
1 Android |
2017-08-21 |
10.0 |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure ciphersuites were included in the default configuration. |
| CVE-2017-8076 |
1 Tp-link |
1 Tl-sg108e Firmware |
2017-04-27 |
7.8 |
| On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is deprecated. This affects the 1.1.2 Build 20141017 Rel.50749 firmware. |
