In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
CSRF
Glpi
Fedora
NVD
GitHub
CVSS 3.1
9.3
EPSS
0.8%
SAE IT-systems FW-50 Remote Telemetry Unit (RTU). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Path Traversal
Net Line Fw 50 Firmware
NVD
CVSS 3.1
9.1
EPSS
1.4%