VYPR
← All vendors
Vendor

Sight

Products
2
CVEs
3
Across products
3
Status
Private

Products

2

Recent CVEs

3
  • CVE-2025-6521HigJun 27, 2025
    Sight
    Sight Bulb Pro
    risk 0.49cvss 7.6epss 0.00

    During the initial setup of the device the user connects to an access point broadcast by the Sight Bulb Pro. During the negotiation, AES Encryption keys are passed in cleartext. If captured, an attacker may be able to decrypt communications between the management app and the…

  • CVE-2025-6522MedJun 27, 2025
    Sight
    Sight Bulb Pro
    risk 0.35cvss 5.4epss 0.00

    Unauthenticated users on an adjacent network with the Sight Bulb Pro can run shell commands as root through a vulnerable proprietary TCP protocol available on Port 16668. This vulnerability allows an attacker to run arbitrary commands on the Sight Bulb Pro by passing a well…

  • CVE-2024-9025Sep 26, 2024
    Sight
    Sight – Professional Image Gallery and Portfolio
    risk 0.00cvss epss 0.00

    The Sight – Professional Image Gallery and Portfolio plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handler_post_title' function in all versions up to, and including, 1.1.2. This makes it possible for unauthenticated…