| Page(s) : 1 ... 733 734 735 736 737 738 739 740 741 742 [743] 744 745 746 747 748 749 750 751 752 753 ... | Result(s) : 325902 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-18 | CVE-2025-30106 | cve | On IROAD v9 devices, the dashcam has hardcoded default credentials ("qwertyuiop") that cannot be changed by the user. This allows an attacker within Wi-Fi range to connect to th... |
| N/A | 2025-03-18 | CVE-2024-44313 | cve | TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized users to access and generate invoices... |
| N/A | 2025-03-18 | CVE-2024-44314 | cve | TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the Orders Management System, allowing unauthorized users to update order statuses. The issue occurs in ... |
| 4.1 | 2025-03-18 | CVE-2024-49822 | cve | IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the syste... |
| N/A | 2025-03-18 | CVE-2025-25580 | cve | yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the listNameBySql() method at /xml/UserMapper.xml. |
| N/A | 2025-03-18 | CVE-2025-25585 | cve | Incorrect access control in the component /config/WebSecurityConfig.java of yimioa before v2024.07.04 allows unauthorized attackers to arbitrarily modify Administrator passwords. |
| N/A | 2025-03-18 | CVE-2025-25590 | cve | yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressDao.xml. |
| 2.4 | 2025-03-18 | CVE-2025-2491 | cve | A vulnerability classified as problematic has been found in Dromara ujcms 9.7.5. This affects the function update of the file /main/java/com/ujcms/cms/ext/web/backendapi/WebFile... |
| N/A | 2025-03-18 | CVE-2025-30107 | cve | On IROAD V9 devices, Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unauthorized parties. A vulnerability in the dashcam'... |
| N/A | 2025-03-18 | CVE-2025-30109 | cve | In the IROAD APK 5.2.5, there are Hardcoded Credentials in the APK for ports 9091 and 9092. The mobile application for the dashcam contains hardcoded credentials that allow an a... |
| N/A | 2025-03-18 | CVE-2025-30110 | cve | On IROAD X5 devices, a Bypass of Device Pairing can occur via MAC Address Spoofing. The dashcam's pairing mechanism relies solely on MAC address verification, allowing an a... |
| N/A | 2025-03-18 | CVE-2025-30111 | cve | On IROAD v9 devices, one can Remotely Dump Video Footage and the Live Video Stream. The dashcam exposes endpoints that allow unauthorized users, who gained access through other ... |
| N/A | 2025-03-18 | CVE-2025-30113 | cve | An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application... |
| N/A | 2025-03-18 | CVE-2025-30114 | cve | An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device Pairing can occur. The pairing mechanism relies solely on the connecting device�... |
| N/A | 2025-03-18 | CVE-2025-30115 | cve | An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Default Credentials Cannot Be Changed. It uses a fixed default SSID and password ("qwertyuiop"), which... |
| N/A | 2025-03-18 | CVE-2025-30116 | cve | An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Live Video Stream can occur. It allows remote attackers to a... |
| N/A | 2025-03-18 | CVE-2025-30117 | cve | An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unau... |
| N/A | 2025-03-18 | CVE-2025-30122 | cve | An issue was discovered on ROADCAM X3 devices. It has a uniform default credential set that cannot be modified by users, making it easy for attackers to gain unauthorized access... |
| N/A | 2025-03-18 | CVE-2025-30123 | cve | An issue was discovered on ROADCAM X3 devices. The mobile app APK (Viidure) contains hardcoded FTP credentials for the FTPX user account, enabling attackers to gain unauthorized... |
| N/A | 2025-03-18 | CVE-2025-30132 | cve | An issue was discovered on IROAD Dashcam V devices. It uses an unregistered public domain name as an internal domain, creating a security risk. During analysis, it was found tha... |
| Page(s) : 1 ... 733 734 735 736 737 738 739 740 741 742 [743] 744 745 746 747 748 749 750 751 752 753 ... | Result(s) : 325902 |
