CWE-489: CWE-489

This CVE allows attackers to bypass Secure Boot restrictions by accessing the UEFI Shell in Ubuntu systems with vulnerable edk2 firmware. This could e...

Active debug code vulnerability in RoamWiFi R10 devices allows network-adjacent unauthenticated attackers to perform unauthorized operations. This aff...

CVE-2022-25995 is a command execution vulnerability in the console inhand functionality of InHand Networks InRouter302 devices. Attackers can send spe...

This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable versions of Naver Comic Viewer. Attackers can explo...

This vulnerability in Cisco RCM for Cisco StarOS Software allows unauthenticated remote attackers to execute arbitrary commands with root privileges b...

Smart Video Doorbell devices with firmware versions before 2.01.078 contain active debug code that enables Telnet access. Attackers can connect via Te...

This CVE involves active debug code in Intel UEFI reference platforms that could allow a privileged attacker to escalate privileges and cause denial o...

This vulnerability in Ghostscript with Tesseract OCR allows attackers to read arbitrary files and write error messages to arbitrary locations via dire...

This vulnerability allows remote unauthenticated attackers to bypass authentication on Mitsubishi Electric industrial robot controllers via unauthoriz...

This vulnerability allows attackers with access to the UniFi Talk management network to invoke internal debug operations through the device API due to...

This vulnerability allows attackers with cryptographic material to gain root access to B. Braun medical devices due to active debug code left in produ...

This critical vulnerability in Netis WF-2404 routers allows attackers with physical access to activate test or debug logic via the UART interface, pot...

This vulnerability affects multiple Siemens SIPROTEC 5 protection relay devices. It allows unauthenticated attackers with physical access to execute a...

This Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal allows unauthenticated attackers to inject malicious scripts that exe...

An active debug code vulnerability in Fortinet FortiClient for Windows allows local attackers to step through the application execution and retrieve s...

This vulnerability allows unauthorized access to sensitive information when logs are captured, as eSE debug messages containing potentially sensitive ...

An active debug code vulnerability in Mesh Wi-Fi router RP562B firmware allows network-adjacent authenticated attackers to access or modify device set...

A vulnerability in serial device servers allows attackers with physical access to connect to the UART interface and gain unauthorized access to intern...