CVE-2025-34224

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA/SaaS deployments expose a set of PHP scripts under the consolerelease directory without requiring authentication. An unauthenticated remote attacker can invoke these...

CVE-2025-34224

Vasion Print (formerly PrinterLogic) Virtual Appliance Host (VA) and Application (VA/SaaS deployments) are affected. Prior to versions 22.0.1049 (Host) and 20.0.2786 (Application) expose PHP scripts under the console_release directory without authentication. An unauthenticated attacker can invoke...

Noisy Networks, Nosy Neighbors: Inferring Privacy Invasive Information from Encrypted Wireless Traffic

This thesis explores the extent to which passive observation of wireless traffic in a smart home environment can be used to infer privacy-invasive information about its inhabitants. Using a setup that mimics the capabilities of a nosy neighbor in an adjacent flat, we analyze raw 802.11 packets an...

Archer Health Data Leak Exposes 23GB of Medical Records

California-based Archer Health exposed 23GB of patient records, including SSNs, IDs, and medical files, after an unprotected database was found online...

CVE-2025-10947 Sistemas Pleno Gestão de Locação CPF validarCpf authorization

A flaw has been found in Sistemas Pleno Gestão de Locação up to 2025.7.x. The impacted element is an unknown function of the file /api/areacliente/pessoa/validarCpf of the component CPF Handler. Executing a manipulation of the argument pescpf can lead to authorization bypass. The attack can be...

MINI-WQVX-XFHG-C5QX

Bulletin has no description...

CVE-2025-10057

creationtimestamp| type| source ---|---|--- 2025-09-17 07:08:07+00:00| seen| https://gist.github.com/Darkcrai86/d550ee3bb2fac44c20aa5bd182cc3a84 2025-09-17 07:55:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyzebogyne2c...

CVE-2024-43742

creationtimestamp| type| source ---|---|--- 2025-09-16 23:16:38+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764 2025-09-18 16:44:33+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764...

CVE-2023-53219

In the Linux kernel, the following vulnerability has been resolved: media: netupunidvb: fix use-after-free at deltimer When Universal DVB card is detaching, netupunidvbdmafini uses deltimer to stop dma-timeout timer. But when timer handler netupunidvbdmatimeout is running, deltimer could not stop...

ECHO-227B-51EE-82A3

Bulletin has no description...

ECHO-E1CE-691B-46ED

Bulletin has no description...

ECHO-7625-746A-0E67

Bulletin has no description...

Vanquish

It is an offensive tool for enumeration. The tool is called Vanquish, and it is designed to perform multiple active information gathering phases on a target system. It is built in Python and leverages various open-source enumeration tools on Kali Linux. The tool can be installed using the command...

pentestdb

This is a repository of penetration testing tools and resources, specifically designed for web application security testing. The repository is called "pentestdb" and is maintained by a user named "alpha1e0". The repository contains a variety of tools and resources, including: 1. Exploit systems: ...

CVE-2025-10367

The CVE-2025-10367 entry concerns MiczFlor RPi-Jukebox-RFID (up to version 2.8.0) with an issue in /htdocs/cardEdit.php that allows cross-site scripting. The vulnerability can be exploited remotely and the public exploit has been disclosed. Multiple connected sources corroborate the affected soft...

CVE-2025-10328

A security vulnerability has been detected in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this issue is some unknown functionality of the file /htdocs/api/playlist/playsinglefile.php. The manipulation of the argument File leads to os command injection. The attack may be initiated remotely...

Palo Alto Networks User-ID Credential Agent 安全漏洞

Palo Alto Networks User-ID Credential Agent is a component of Palo Alto Networks, Inc. that has the capability to collect the correspondence between a user's identity and IP address. A security vulnerability exists in the Palo Alto Networks User-ID Credential Agent that originates from a specific...

Linux Distros Unpatched Vulnerability : CVE-2021-34749

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in Server Name Identification SNI request filtering of Cisco Web Security Appliance WSA, Cisco Firepower Threat Defense FTD, and the Snort...

CVE-2025-38736

In the Linux kernel, the following vulnerability has been resolved: net: usb: asixdevices: Fix PHY address mask in MDIO bus initialization Syzbot reported shift-out-of-bounds exception on MDIO bus initialization. The PHY address should be masked to 5 bits 0-31. Without this mask, invalid PHY...

CVE-2025-9935

creationtimestamp| type| source ---|---|--- 2025-09-04 05:45:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lxygwnjrwx2z...