Resource Data Management (RDM) Intuitive 650 TDB Controller devices before 2.1.24 allow remote authenticated users to modify arbitrary passwords via unspecified vectors.
Monthly Archives: May 2016
CVE-2016-4506
Cross-site request forgery (CSRF) vulnerability on Resource Data Management (RDM) Intuitive 650 TDB Controller devices before 2.1.24 allows remote authenticated users to hijack the authentication of arbitrary users.
CVE-2016-4521
Sixnet BT-5xxx and BT-6xxx M2M devices before 3.8.21 and 3.9.x before 3.9.8 have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors.
CVE-2016-4784
The integrated web server in the EN100 Ethernet module before 4.27 on Siemens SIPROTEC 4 and SIPROTEC Compact devices, and the Ethernet Service Interface on SIPROTEC Compact devices, allows remote attackers to obtain sensitive information via an HTTP request.
CVE-2016-4785
The integrated web server in the EN100 Ethernet module before 4.27 on Siemens SIPROTEC 4 and SIPROTEC Compact devices allows remote attackers to obtain sensitive information from device memory via an HTTP request.
RHBA-2016:1136-1: Red Hat Certification bug fix and enhancement update
Red Hat Enterprise Linux: An updated redhat-certification package that fixes several bugs and adds various
enhancements is now available for Red Hat Enterprise Linux 6 and Red Hat
Enterprise Linux 7.
GLSA 201605-05: Linux-PAM: Multiple vulnerabilities
GLSA 201605-06: Mozilla Products: Multiple vulnerabilities
FlatPress 1.0.3 Cross Site Request Forgery / Shell Upload
FlatPress version 1.0.3 suffers from cross site request forgery and remote shell upload vulnerabilities.