D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
D-Link
Authentication Bypass
Dgs 1100 Firmware
NVD
CVSS 3.0
8.1
EPSS
0.8%
An issue was discovered in Linux Containers (LXC) before 2016-02-22. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Authentication Bypass
Lxc
NVD
GitHub
CVSS 3.0
8.6
EPSS
0.3%