It was discovered that the Western Digital My Cloud device through 2.30.x is affected by an authentication bypass vulnerability.
The administrative smart-commits resource in Atlassian Fisheye and Crucible before version 4.5.4 allows remote attackers to modify smart-commit settings via a Cross-site request forgery (CSRF) vuln
In Apache Karaf version prior to 3.0.9, 4.0.9, 4.1.1, when the webconsole feature is installed in Karaf, it is available at .../system/console and requires authentication to access it.
In Apache Karaf prior to 4.2.0 release, if the sshd service in Karaf is left on so an administrator can manage the running instance, any user with rights to the Karaf console can pivot and read/wri
Huawei Mate RS smartphones with the versions before NEO-AL00D 220.127.116.11(C786) have a lock-screen bypass vulnerability. An attacker could unlock and use the phone through certain operations.
Huawei smartphones Mate10 with versions earlier before ALP-AL00B 18.104.22.168(C00) have a Factory Reset Protection (FRP) bypass vulnerability.