CVE-2025-27851

The locally served web site on the Garmin WDU v1 1.4.6 and v2 5.0 allows a cross-site origin WebSocket hijacking attack. Among other uses, the WDU utilizes WebSockets to control settings, including administrative settings. This allows a network attacker to take full control of a WDU. To initiate ...

EUVD-2025-209829

The locally served web site on the Garmin WDU v1 1.4.6 and v2 5.0 allows a cross-site origin WebSocket hijacking attack. Among other uses, the WDU utilizes WebSockets to control settings, including administrative settings. This allows a network attacker to take full control of a WDU. To initiate ...

CVE-2025-27851

The CVE-2025-27851 entry concerns Garmin WDU devices (versions v1 1.4.6 and v2 5.0). The vulnerability is a cross-site origin WebSocket hijacking flaw on the locally served web interface, enabling a network attacker to take full control of a WDU by abusing WebSockets used to manage settings, incl...

CVE-2025-27851

The locally served web site on the Garmin WDU v1 1.4.6 and v2 5.0 allows a cross-site origin WebSocket hijacking attack. Among other uses, the WDU utilizes WebSockets to control settings, including administrative settings. This allows a network attacker to take full control of a WDU. To initiate ...

PT-2026-40796

Name of the Vulnerable Software and Affected Versions Garmin WDU version 1.4.6 Garmin WDU version 5.0 Description The locally served web site allows a cross-site origin WebSocket hijacking attack. The system utilizes WebSockets to manage settings, including administrative configurations, which...

CVE-2026-1044

CVE-2026-1044 concerns the WordPress plugin Tennis Court Bookings (

CVE-2025-62716 Plane Vulnerable to Cross-Site Scripting via Open Redirect in ?next_path Parameter

Plane is open-source project management software. Prior to version 1.1.0, an open redirect vulnerability in the ?nextpath query parameter allows attackers to supply arbitrary schemes e.g., javascript: that are passed directly to router.push. This results in a cross-site scripting XSS vulnerabilit...

EUVD-2008-1341

Malware in sbrugna...

EUVD-2009-4789

Malware in sbrugna...

EUVD-2018-7483

Malware in sbrugna...

EUVD-2018-8533

Malware in sbrugna...

EUVD-2012-1199

Malware in sbrugna...

EUVD-2013-5029

Malware in sbrugna...

EUVD-2022-31835

Malicious code in bioql PyPI...

PT-2025-35817

Name of the Vulnerable Software and Affected Versions: Ruijie RG-ES series switch firmware version ESW 1.01B1P39 Description: A vulnerability in the Ruijie RG-ES series switch firmware enables remote attackers to bypass authentication mechanisms, granting them unrestricted access to modify...

CVE-2002-2356

HAMweather 2.x allows remote attackers to modify administrative settings and obtain sensitive information via a direct request to hwadmin.cgi...

CVE-2025-2570

Mattermost versions 10.5.x = 10.5.3, 9.11.x = 9.11.11 fail to check RestrictSystemAdmin setting if user doesn't have access to ExperimentalSettings which allows a System Manager to access ExperimentSettings when RestrictSystemAdmin is true via System Console...

WordPress plugin Tabellen von faustball.com 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Plugin FancyBox for WordPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress Plugin Ultimate Dashboard Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...