374 matches found
CVE-2025-65397
The CVE-2025-65397 entry concerns Blurams Flare Camera versions prior to 24.1114.151.929. A vulnerability in the safe_exec.sh startup script allows an attacker with physical access to execute arbitrary commands with root privileges when the file /opt/images/public_key.der is absent and a maliciou...
PT-2026-2920
Name of the Vulnerable Software and Affected Versions Blurams Flare Camera versions prior to 24.1114.151.929 Description An insecure authentication mechanism exists in the safe exec.sh startup script. This allows an attacker with physical access to the device to execute arbitrary commands with ro...
CVE-2025-65396
Affected product: Blurams Flare Camera (versions 24.1114.151.929 and earlier). Vulnerability cause: In the boot process, a read error from the SPI flash memory is induced by shorting a data pin to ground, allowing a physically proximate attacker to hijack the boot mechanism and gain a bootloader ...
CVE-2025-65397
An insecure authentication mechanism in the safeexec.sh startup script of Blurams Flare Camera version 24.1114.151.929 and earlier allows an attacker with physical access to the device to execute arbitrary commands with root privileges, if file /opt/images/publickey.der is not present in the file...
Blurams Flare Camera 安全漏洞
Blurams Flare Camera is a webcam from Blurams USA. A security vulnerability exists in Blurams Flare Camera 24.1114.151.929 and earlier versions, which stems from an insecure authentication mechanism that could lead to the execution of arbitrary commands...
Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers
A suspected Russia-aligned group has been attributed to a phishing campaign that employs device code authentication workflows to steal victims' Microsoft 365 credentials and conduct account takeover attacks. The activity, ongoing since September 2025, is being tracked by Proofpoint under the...
EUVD-2025-178538
Malicious code in hermes-dactyl-canopus-flare npm...
EUVD-2025-176268
Malicious code in spectron-flare-css-loader-tethys npm...
EUVD-2025-180394
Malicious code in apex-titan-babel-flare npm...
EUVD-2025-178705
Malicious code in global-cassini-hexo-flare npm...
EUVD-2025-180087
Malicious code in betelgeuse-nodejs-hugo-flare npm...
EUVD-2025-178395
Malicious code in inquirer-flare-sass-loader-tectonic npm...
EUVD-2025-177793
Malicious code in mocha-neptunology-flare-galaxy npm...
EUVD-2025-179180
Malicious code in electron-nconf-callisto-flare npm...
Malicious code in ganymede-flare-aurora-membrane (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0243563bbd76210b34b5e68a36b4784afe93fd2191c332071ac47dab89494808 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-175492
Malicious code in xerxes-coronalmassejection-flare-filament npm...
EUVD-2025-178781
Malicious code in ganymede-flare-aurora-membrane npm...
EUVD-2025-177869
Malicious code in meteor-bionics-schema-flare npm...
EUVD-2025-178888
Malicious code in flare-backend-jsonp-orogeny npm...
EUVD-2025-178884
Malicious code in flare-sirius-parallax-cross-env npm...