A vulnerability has been identified in SIMATIC HMI Unified Comfort Panels (All versions <= V16). Affected devices insufficiently validate authentication attempts as the information given can be truncated to match only a set number of characters versus the whole provided string. This could allow a remote attacker to discover user passwords and obtain access to the Sm@rt Server via a brute-force attack.

The ThemeREX Addons plugin before 2020-03-09 for WordPress lacks access control on the /trx_addons/v2/get/sc_layout REST API endpoint, allowing for PHP functions to be executed by any users, because includes/plugin.rest-api.php calls trx_addons_rest_get_sc_layout with an unsafe sc parameter.

The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin.php galleryid or id parameters.

The unite-gallery-lite plugin before 1.5 for WordPress has SQL injection via data[galleryID] to wp-admin/admin-ajax.php.

The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin-ajax.php in a unitegallery_ajax_action operation.

A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC Software, if exploited, could allow an authenticated, remote attacker with admin privileges to cause a denial of service (DoS) condition or execute arbitrary code.

Data Corruption in Intel Unite(R) Client before version 3.3.176.13 may allow an unauthenticated user to potentially cause a denial of service via network access.

A logic issue in Intel Unite(R) Client for Android prior to version 4.0 may allow a remote attacker to potentially enable escalation of privilege via network access.

Authentication bypass in the Intel Unite(R) solution versions 3.2 through 3.3 may allow an unauthenticated user to potentially enable escalation of privilege to the Intel Unite(R) Solution administrative portal via network access.

Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1.41.18 and 3.1.45.26 allows an attacker with network access to cause a denial of service and/or information disclosure.