A vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote …

Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored…

The affected product is vulnerable due to an undocumented interface found on the device, which …

A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed bet…

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-…

OpenClinic GA 5.09.02 contains a hidden default user account that may be accessed if an adminis…

A command execution vulnerability exists in the hidden telnet service functionality of Netgear …

A command execution vulnerability exists in the ubus backend communications functionality of Ne…

A unauthenticated backdoor exists in the configuration server functionality of Cosori Smart 5.8…

MvcTools 6d48cd6830fc1df1d8c9d61caa1805fd6a1b7737 was discovered to contain a code execution ba…

Kentico Xperience before 13.0.178 has a specific set of allowed ContentUploader file extensions…

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. Th…

vSphere_selfuse commit 2a9fe074a64f6a0dd8ac02f21e2f10d66cac5749 was discovered to contain a cod…

Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory).

A static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.2…

A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super admin…

An additional, nondocumented administrative account exists in mySCADA myPRO Versions 8.20.0 and…

Passhunt commit 54eb987d30ead2b8ebbf1f0b880aa14249323867 was discovered to contain a code execu…

The "monitor" binary in the firmware of the affected product attempts to mount to a hard-coded,…

Certain models of D-Link wireless routers have a hidden functionality where the telnet service …

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attac…

Hidden functionality vulnerability in the CBC products allows a remote authenticated attacker t…

In WAGO Unmanaged Switch (852-111/000-001) in firmware version 01 an undocumented configuration…

On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot p…

A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary E…

NEC Platforms DT900 and DT900S Series 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20 allows an attack…

An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape th…

A vulnerability classified as problematic was found in Typecho 1.2.1. Affected by this vulnerab…

Hidden functionality issue in multiple digital video recorders provided by TAKENAKA ENGINEERING…

In Snap One OvrC Pro versions prior to 7.2, when logged into t…

Hidden Functionality vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG…

Longse model LBH30FE200W cameras, as well as products based on this device, provide an unrestri…

Certain models of D-Link wireless routers contain hidden functionality. By sending specific pac…

The Go1 also known as "The World's First Intelligence Bionic Quadruped Robot Companion of Consu…

A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthen…

The product is vulnerable to pass-the-hash attacks in combination with hardcoded credentials of…

PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.45_20230314 or earlier can …

Multiple versions of RG-EST300 provided by Ruijie Networks provide SSH server functionality. It…

SOOP-CLM developed by PiExtract has a Hidden Functionality vulnerability, allowing privileged r…

In Moodle, in some circumstances, email notifications of messages could have the link back to t…