CVE-2026-36176

GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs PUT requests in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface...

CVE-2026-36176

GNCC GP5 v7.1.76 stores pre-signed Backblaze B2 upload URLs (PUT requests) in plaintext on the serial console. This enables physically proximate attackers to extract active tokens and perform unauthorized operations via the serial UART interface. Root cause: tokens exposed in plaintext to the con...

PT-2026-46245

GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs PUT requests in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface...

EUVD-2026-34279

GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs PUT requests in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface...

D-Link DIR-605L 信任管理问题漏洞

The D-Link DIR-605L is a wireless router produced by D-Link Corporation. The D-Link DIR-605L Hardware Revision B2 version has a vulnerability related to trust management. This vulnerability stems from a hard-coded telnet backdoor, which allows unauthenticated attackers on the local network to...

[SECURITY] Fedora 42 Update: rclone-1.72.1-1.fc42

"rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Driv e, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files...

[SECURITY] Fedora 43 Update: rclone-1.72.1-1.fc43

"rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Driv e, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files...

CVE-2022-23653

B2 Command Line Tool is the official command line tool for the backblaze cloud storage service. Linux and Mac releases of the B2 command-line tool version 3.2.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a...

[SECURITY] Fedora 41 Update: restic-0.18.1-1.fc41

Fast, secure, efficient backup program. restic supports the following backends for storing backups natively: Local directory sftp server via SSH HTTP REST server protocol, rest-server Amazon S3 either from Amazon or using the Minio server OpenStack Swift BackBlaze B2 Microsoft Azure Blob Storage...

EUVD-2002-1447

Malware in sbrugna...

EUVD-2006-6813

Malware in sbrugna...

EUVD-2007-2285

Malware in sbrugna...

EUVD-2002-0726

Malware in sbrugna...

EUVD-2025-31217

Malicious code in bioql PyPI...

EUVD-2022-0029

Malicious code in bioql PyPI...

CVE-2025-60251

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 accept any handshake secret with the unitree substring...

CVE-2025-60017

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the hostapdrestart.sh wifissid or wifipass parameter within restartwifiap and restartwifista...

CVE-2025-60250

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the df98b715d5c6ed2b25817b6f2554124a key and the 2841ae97419c2973296a0d4bdfe19a4f IV...

CVE-2025-35027

Multiple robotic products by Unitree sharing a common firmware, including the Go2, G1, H1, and B2 devices, contain a command injection vulnerability. By setting a malicious string when configuring the on-board WiFi via a BLE module of an affected robot, then triggering a restart of the WiFi...

CVE-2025-35027

Multiple robotic products by Unitree sharing a common firmware, including the Go2, G1, H1, and B2 devices, contain a command injection vulnerability. By setting a malicious string when configuring the on-board WiFi via a BLE module of an affected robot, then triggering a restart of the WiFi...