EUVD-2018-11727

Malware in sbrugna...

EUVD-2022-24389

Malicious code in bioql PyPI...

EUVD-2025-22337

Malicious code in bioql PyPI...

CVE-2025-7371

Okta On-Premises Provisioning OPP agents log certain user data during administrator-initiated password resets. This vulnerability allows an attacker with access to the local servers running OPP agents to retrieve user personal information and temporary passwords created during password reset. You...

CVE-2025-24656

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Realtyna Realtyna Provisioning realtyna-provisioning allows Reflected XSS.This issue affects Realtyna Provisioning: from n/a through = 1.2.2...

Lenovo Dolby Vision Provisioning 安全漏洞

Lenovo Dolby Vision Provisioning is a Dolby Vision Provisioning software from Lenovo China. A security vulnerability exists in Lenovo Dolby Vision Provisioning prior to version 2.0.0.2, which stems from an information disclosure vulnerability that could allow a local attacker to read files on the...

CVE-2022-1041

In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning...

Cisco Prime Collaboration Provisioning 跨站脚本漏洞

Cisco Prime Collaboration Provisioning PCP is a set of Web-based, next-generation communications services software from Cisco. The software provides IP communication services capabilities for IP telephony, voicemail, and unified communications environments. Cisco Prime Collaboration Provisioning...

Vulnerabilities found in Bluetooth specifications

Researchers have discovered seven vulnerabilities in two components of the Bluetooth standard. Specifically, these are the Bluetooth Core Specification and Bluetooth Mesh Specification 1.0 and 1.0.1. The vulnerabilities allow a malicious person to spoof Bluetooth devices during the pairing proces...

CVE-2020-26556

Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment...

CVE-2020-26560

Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey...

Bluetooth Mesh 授权问题漏洞

Bluetooth Mesh is an application. A Bluetooth profile. A security vulnerability in Mesh Provisioning in Bluetooth Mesh profile versions 1.0 and 1.0.1 allows nearby devices to determine the AuthValue via a brute-force attack unless the AuthValue is sufficiently randomized and changed each time...

Cisco Prime Collaboration Provisioning Information Disclosure Vulnerability (CNVD-2018-11350)

Cisco Prime Collaboration Provisioning PCP is a set of Web-based, next-generation communications services software from Cisco. The software provides IP communication service features for IP telephony, voice mail and unified communications environments. An information disclosure vulnerability exis...

Cisco Prime Collaboration Provisioning Directory Traversal Vulnerability (CNVD-2017-09962)

Cisco Prime Collaboration is a comprehensive video and voice service assurance and management system. A directory traversal vulnerability exists in Cisco Prime Collaboration Provisioning, which can be exploited by a remote attacker to delete arbitrary files on an affected system...

Cisco Prime Collaboration Provisioning Authentication Bypass Vulnerability

Cisco Prime Collaboration is a comprehensive video and voice service assurance and management system. An authentication bypass vulnerability exists in the web interface of Cisco Prime Collaboration Provisioning, which stems from a lack of security restrictions in certain HTTP request methods. An...

CVE-2016-1518

The auto-provisioning mechanism in the Grandstream Wave app 1.0.1.26 and earlier for Android and Grandstream Video IP phones allows man-in-the-middle attackers to spoof provisioning data and consequently modify device functionality, obtain sensitive information from system logs, and have...