Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This issue affects eWeLink before 5.2.0.
When the device is in factory state, it can be access the shell without adb authentication process. The LG ID is LVE-SMP-210010.
NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate softare updates for the bunch note acceptor (BNA), enabling an attacker with physical access to internal ATM components to restart...
MinIO versions before RELEASE.2020-04-23T00-58-49Z have an authentication bypass issue in the MinIO admin API. Given an admin access key, it is possible to perform admin API operations i.e. creating n...
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potential...
The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 exposes an API router that accepts a username, password, and action that routes to other PHP files that implement the various API ...
Authentication Bypass by Primary Weakness vulnerability in Oliva Expertise Oliva Expertise EKS allows Collect Data as Provided by Users.This issue affects Oliva Expertise EKS: before 1.2.