Author: Cyberthreat Blog

WAGO IO 750-849 01.01.27 and WAGO IO 750-881 01.02.05 does not contain privilege separation.

Get requests in JBoss Enterprise Application Platform (EAP) 7 discloses internal IP address to remote attackers.

Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the...

oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0.

Cross-site request forgery (CSRF) vulnerability in springframework-social before 1.1.3.