Sunshine is a self-hosted game stream host for Moonlight. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
WriteFreely through 0.15.1, when MySQL is used, allows local users to discover credentials by reading config.ini. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
This vulnerability exists in the CP Plus Router due to insecure handling of cookie flags used within its web interface. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper permission settings for mobile applications (com.transsion.carlcare) may lead to information leakage risk. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The a+HRD from aEnrich Technology has an Insecure Deserialization vulnerability, allowing remote attackers with database modification privileges and regular system privileges to perform arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.