Ushahidi before 2.6.1 has insufficient entropy for forgot-password tokens. Date published : 2020-02-04 http://www.openwall.com/lists/oss-security/2012/12/04/1 https://github.com/ushahidi/Ushahidi_Web/commit/e8c7ecd42818c331db8945d20f8b1865bc6d157e
D-Link DIR-100 4.03B07 has PPTP and poe information disclosure Date published : 2020-02-04 http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/90903
D-Link DIR-100 4.03B07: cli.cgi XSS Date published : 2020-02-04 http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/90906
D-Link DIR-100 4.03B07: cli.cgi CSRF Date published : 2020-02-04 http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/90905
D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script Date published : 2020-02-04 http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/90902
D-Link DIR-100 4.03B07: cli.cgi security bypass due to failure to check authentication parameters Date published : 2020-02-04 http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt http://www.exploit-db.com/exploits/31425
Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted URL request to the...
Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure vulnerability which allows remote attackers to view private IP addresses and other sensitive information. Date published : 2020-02-04 https://www.securityfocus.com/bid/59726 http://packetstormsecurity.com/files/121553/Brother-MFC-9970CDW-Firmware-0D-Cross-Site-Scripting.html
webcalendar before 1.2.7 shows the reason for a failed login (e.g., "no such user"). Date published : 2020-02-04 http://www.openwall.com/lists/oss-security/2013/07/22/8 http://www.openwall.com/lists/oss-security/2013/07/25/4
A vulnerability exists in in FortiManager 5.2.1 and earlier and 5.0.10 and earlier in the WebUI FTP backup page Date published : 2020-02-04 https://fortiguard.com/psirt/FG-IR-15-011 http://www.securityfocus.com/bid/74444
A Cross-site Scripting (XSS) vulnerability exists in FortiManager 5.2.1 and earlier and 5.0.10 and earlier via an unspecified parameter in the FortiWeb auto update service page. Date published : 2020-02-04 https://fortiguard.com/psirt/FG-IR-15-011 http://www.securityfocus.com/bid/74444
A Command Injection vulnerability exists in FortiManager 5.2.1 and earlier and FortiManager 5.0.10 and earlier via unspecified vectors, which could let a malicious user run systems commands when executing a report. Date published :...
An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could...
Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb. Date published : 2020-02-04 https://security.netapp.com/advisory/ntap-20200221-0003/ https://bugs.python.org/issue36260