7.1
CVE-2025-4675 - Improper implementation of Modbus protocol leading to DOS attack
Improper Check for Unusual or Exceptional Conditions vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL.This issue affects WebPro SNMP Card PowerValue: through 1.1.8.K; WebPro SNMP Card PowerValue UL: through 1.1.8.K.
8.6
CVE-2026-22536 - PRIVILEGE ESCALATION VIA SUDO COMMAND
The absence of permissions control for the user XXX allows the current configuration in the sudoers file to escalate privileges without any restrictions
8.9
CVE-2026-22535 - FRAIL SECURITY IN MQTT PROTOCOL ALLOWS AN ATTACKER MODIFY CRITICAL PARAMETERS
An attacker with the ability to interact through the network and with access credentials, could, thanks to the unsecured (unencrypted) MQTT communications protocol, write on the server topics of the board that controls the MQTT communications
4.9
CVE-2026-20029 - Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability
A vulnerability in the licensing features of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to gain access to sensitive information. This vulnerability is due to improβ¦
5.3
CVE-2026-20027 - Cisco Snort DCERPC Stub Data Out of Bounds Read
Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerabilβ¦
5.8
CVE-2026-20026 - Multiple Cisco Products Snort 3 DCERPC Vulnerabilities
Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulneβ¦
8.7
CVE-2026-22544 - EXCHANGE OF CREDENTIALS IN CLEAR TEXT
An attacker with a network connection could detect credentials in clear text.
6.9
CVE-2026-22543 - WEEK ENCODING FOR PASSWORDS
The credentials required to access the device's web server are sent in base64 within the HTTP headers. Since base64 is not considered a strong cipher, an attacker could intercept the web request handling the login and obtain the credentials
9.2
CVE-2026-22542 - DENIAL OF SERVICE FOR CONCURRENT CONNECTIONS ON TELNET
An attacker with access to the system's internal network can cause a denial of service on the system by making two concurrent connections through the Telnet service.
4.9
CVE-2025-62327 - HCL DevOps Deploy is susceptible to insufficiently protected credentials
In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries.