CVE-2025-14126 TOZED ZLT M30S/ZLT M30S PRO Web hard-coded credentials

A vulnerability has been found in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. Affected is an unknown function of the component Web Interface. Such manipulation leads to hard-coded credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the publi...

CVE-2025-14126

The CVE-2025-14126 affects TOZED ZLT M30S and ZLT M30S PRO devices (versions 1.47 and 3.09.06) where a vulnerability exists in the Web Interface component that leads to hard-coded credentials being exposed. This requires local-network access and is supported by multiple sources in the Connected d...

PT-2025-49359

Name of the Vulnerable Software and Affected Versions TOZED ZLT M30S versions 1.47 and 3.09.06 TOZED ZLT M30S PRO versions 1.47 and 3.09.06 Description A security issue exists in TOZED ZLT M30S and ZLT M30S PRO devices. The issue involves hard-coded credentials within an unknown function of the W...

CVE-2025-64660

Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to execute code over a network...

openjdk: Enhance certificate handling (Oracle CPU 2025-10)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 and 21.0.8; Oracl...

CVE-2025-62478

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Object Store. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit...

EUVD-2025-34376

Weak authentication in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network...

CVE-2025-58718

Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

Remote Desktop Client Remote Code Execution Vulnerability

Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

PT-2025-42013

Name of the Vulnerable Software and Affected Versions Connected Devices Platform Service Cdpsvc affected versions not specified Description A use after free condition exists in the Connected Devices Platform Service Cdpsvc. This allows an unauthorized attacker to execute code over a network. A us...

CVE-2025-11646

CVE-2025-11646 affects Tomofun Furbo 360 (FB0035_FW_036 and earlier) and Furbo Mini (MC0020_FW_074 and earlier). The issue arises from improper access controls in the GATT Service component, enabling a local‑network attack. Public exploits are available. Remediation per PT Security advisory: upda...

EUVD-2019-12300

Malware in sbrugna...

EUVD-2021-16814

Malware in sbrugna...

EUVD-2021-16710

Malware in sbrugna...

EUVD-2017-2053

Malware in sbrugna...

EUVD-2018-14529

Malware in sbrugna...

EUVD-2017-12374

Malware in sbrugna...

EUVD-2018-14509

Malware in sbrugna...

EUVD-2019-6634

Malware in sbrugna...

EUVD-2018-1825

Malware in sbrugna...