57 matches found
EUVD-2026-26797
A flaw has been found in ChatGPTNextWeb NextChat up to 2.16.1. This impacts an unknown function of the file Next.js of the component API Endpoint. Executing a manipulation can lead to permissive cross-domain policy with untrusted domains. The attack may be launched remotely. The exploit has been...
CVE-2026-5608
A vulnerability was detected in Belkin F9K1122 1.00.33. Affected is the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. Th...
GO-2025-4227 Zitadel Discloses the Total Number of Instance Users in github.com/zitadel/zitadel
Zitadel Discloses the Total Number of Instance Users in github.com/zitadel/zitadel. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners,...
EUVD-2020-24915
Malware in sbrugna...
EUVD-2020-24914
Malware in sbrugna...
EUVD-2019-18287
Malware in sbrugna...
EUVD-2021-17609
Malware in sbrugna...
EUVD-2022-45861
Malicious code in bioql PyPI...
EUVD-2022-35915
Malicious code in bioql PyPI...
EUVD-2025-10069
Malicious code in bioql PyPI...
EUVD-2021-32415
Malicious code in bioql PyPI...
PT-2025-30198 · Cyberark · Idp
Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: The software contains an information disclosure issue that enables unauthorized access to sensitive data. Recommendations: At the moment, there is no information about a newer version that contains...
PT-2025-29587
Name of the Vulnerable Software and Affected Versions: VMware ESXi VMware Workstation VMware Fusion VMware Tools Description: The software contains an information disclosure issue due to the use of uninitialized memory in vSockets. A malicious actor with local administrative privileges on a virtu...
CVE-2025-7060 Monitorr Installer mkdbajax.php input validation
A vulnerability was found in Monitorr up to 1.7.6m. It has been classified as problematic. This affects an unknown part of the file assets/config/installation/mkdbajax.php of the component Installer. The manipulation of the argument datadir leads to improper input validation. It is possible to...
CVE-2025-6009
A vulnerability was found in kiCode111 like-girl 5.2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ipAddPost.php. The manipulation of the argument bz/ipdz leads to sql injection. The attack may be launched remotely. The exploit has been...
CVE-2020-12593
Symantec Endpoint Detection & Response, prior to 4.5, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data...
CVE-2020-3644
u'Information disclosure issue occurs as in current logic Secure Touch session is released without terminating display session' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...
CVE-2020-9997
An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.6, watchOS 6.2.8. A malicious application may disclose restricted memory...
CVE-2025-24144
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.7, macOS Sequoia 15.3, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.3, visionOS 2.3, watchOS 11.3. An app may be able to leak sensitive kernel state...
CVE-2025-3956
A vulnerability has been found in 201206030 novel-cloud 1.4.0 and classified as critical. This vulnerability affects the function RestResp of the file novel-cloud-master/novel-book/novel-book-service/src/main/resources/mapper/BookInfoMapper.xml. The manipulation leads to sql injection. The attack...