40407 matches found
CVE-2025-60127
Missing Authorization vulnerability in ArtistScope CopySafe Web Protection wp-copysafe-web allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CopySafe Web Protection: from n/a through <= 5.1...
CVE-2025-60127
CopySafe Web Protection (Copy Protect Images) is listed as vulnerable under CVE-2025-60127 due to a Missing Authorization issue. The problem arises from incorrectly configured access control security levels, enabling unauthorized actions within the affected product. The vulnerability is associate...
CVE-2025-60127 WordPress CopySafe Web Protection plugin <= 5.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in ArtistScope CopySafe Web Protection wp-copysafe-web allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CopySafe Web Protection: from n/a through <= 5.1...
CVE-2025-10745
The Banhammer – Monitor Site Traffic, Block Bad Users and Bots plugin for WordPress is vulnerable to Blocking Bypass in all versions up to, and including, 3.4.8. This is due to a site-wide “secret key” being deterministically generated from a constant character set using md5 and base64encode and...
CNAPP is the Solution to Multi-cloud Flexibility
Cloud-native application protection platform (CNAPP) not only helps organizations protect, but offers the flexibility of multi-cloud...
WordPress plugin CopySafe Web Protection security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-39487
Name of the Vulnerable Software and Affected Versions: Banhammer – Monitor Site Traffic, Block Bad Users and Bots plugin for WordPress versions through 3.4.8. Description: The Banhammer plugin for WordPress is susceptible to a blocking bypass. This occurs because a site-wide “secret key” is...
Cloud Security in the CNAPP Era: Eight Important Takeaways
Eight takeaways on why Trend Vision One™ embodies the best of today’s CNAPP vision. Includes insights from 2025 Gartner® Market Guide for CNAPP...
PT-2025-39574
Name of the Vulnerable Software and Affected Versions: ArtistScope CopySafe Web Protection versions through 4.3. Description: An authorization issue exists in ArtistScope CopySafe Web Protection due to incorrectly configured access control security levels. This allows for exploitation of the system...
Security Bulletin: TS4500 Tape Library/Diamondback Tape Library addresses security vulnerability CVE-2024-43192
Summary: Certain HTML forms in the web GUI did not use anti-CSRF tokens, allowing attackers to trick authenticated users into performing unintended actions. The issue has been resolved by adding CSRF protection to the affected forms. Vulnerability Details: CVEID: CVE-2024-43192 DESCRIPTION: IBM...
CVE-2025-10880
All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to extract the proprietary "Dingtian Binary" protocol password by sending an unauthenticated GET request...
CVE-2025-10880 Insufficiently Protected Credentials in Dingtian DT-R002
All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to extract the proprietary "Dingtian Binary" protocol password by sending an unauthenticated GET request...
CVE-2025-10879 Insufficiently Protected Credentials in Dingtian DT-R002
All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to retrieve the current user's username without authentication...
CVE-2025-10879
CVE-2025-10879 affects all versions of the Dingtian DT-R002. The vulnerability is described as Insufficiently Protected Credentials that could allow an unauthenticated attacker to retrieve the current user’s username (and, per ICS docs, potentially extract the proprietary protocol password by an ...
CVE-2025-40838 Ericsson Indoor Connect 8855 - Insufficiently Protected Credentials Vulnerability
Ericsson Indoor Connect 8855 contains a vulnerability where server-side security can be bypassed in the client, which, if exploited, can lead to unauthorized disclosure of certain information...
Dingtian DT-R002
RISK EVALUATION: Successful exploitation of these vulnerabilities could allow an attacker to retrieve credentials without authentication. 2. RECOMMENDED PRACTICES: CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...
Dingtian DT-R002 security vulnerability
The Dingtian DT-R002 is a repeater device from Dingtian China. A security vulnerability exists in the Dingtian DT-R002 that stems from insufficient credential protection and could allow an unauthenticated attacker to retrieve the current username...
CVE-2025-54520
CVE-2025-54520 describes an improper protection against voltage and clock glitches in FPGA devices, enabling a physically proximate attacker to undervolt the platform and cause a confidentiality loss. The vulnerability is associated with FPGA families such as Kintex 7-Series and Artix 7-Series in...
CVE-2025-47910
When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections...
CVE-2025-58670
Cross-Site Request Forgery (CSRF) vulnerability in Shankaranand Maurya WP Content Protection wp-content-protection allows Stored XSS. This issue affects WP Content Protection: from n/a through <= 1.3...