The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including…

The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unauthenticated attacker could store a malicious script within the web…

The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. A remote, unauthenticated attacker can send a crafted request that may…

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a…

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a…

IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.2 could allow a remote attacker to hijack the clicking action of…

A command injection vulnerability in the CGI program of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary OS commands via a…

A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they…

A Cross Site Scripting (XSS) vulnerability exits in Subrion CMS through 4.2.1 in the Create Page functionality of the admin Account via a SGV file.…

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with…