For providers

BPL Personal Weighing Scale PWS-01BT IND/09/18/599 devices send sensitive information in unencrypted BLE packets. (The packet data also lacks authentication and integrity protection.)

Improper Privilege Management vulnerability in SAMPA? Holding AKOS allows Collect Data as Provided by Users.This issue affects AKOS: through 20240902. NOTE: The vendor was contacted early about...

Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS platforms up to...

Host name validation for TLS certificates is bypassed when the installed OpenEdge default certificates are used to perform the TLS handshake for a networked connection. This has been corrected so...

An ActiveMQ Discovery service was reachable by default from an OpenEdge Management installation when an OEE/OEM auto-discovery feature was activated. Unauthorized access to the discovery...

MCMS v5.4.1 has front-end file upload vulnerability which can lead to remote command execution.

Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of...

Insufficient access checks in Visual Planning Admin Center 8 before v.1 Build 240207 allow attackers in possession of a non-administrative Visual Planning account to utilize functions normally...

Xibo is an open source digital signage platform with a web content management system (CMS). Prior to version 4.1.0, a cross-site scripting vulnerability in Xibo CMS allows authorized users to...

HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain an insecure file and folder permissions vulnerability in prunsrv.exe. A regular user (non-admin) can...