43 matches found
CVE-2026-49494
creationtimestamp| type| source
---|---|---
2026-06-07 04:16:20+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-49494
2026-06-07 12:41:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnp6tprsqw25
2026-06-07 13:24:19+00:00| seen|...
Pre-Characterization of Electromagnetic Side-Channel Leakage Using Publicly Available Information: A Case Study on E-Voting Interfaces
In this work, we study the interface of the Brazilian e-Voting Machine (BVM) in the context of electromagnetic side-channel threats commonly referred to as TEMPEST attacks. In a TEMPEST attack against video displays, an eavesdropper uses Software-Defined Radios (SDRs) to recover sensitive information...
CVE-2026-32299
CVE-2026-32299 is linked to a GitHub Advisory for Connect CMS describing an improper authorization vulnerability in the page content retrieval feature. The issue could allow a third party to access contents and attachments of non-public pages due to insufficient authorization checks. Affected sof...
Increase in Malware Enabled ATM Jackpotting Incidents across United States
The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) and technical details associated with malware-enabled ATM jackpotting. Threat actors exploit physical and software vulnerabilities in ATMs and deploy malware to dispense cash without a...
CVE-2023-45364
An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1.39.5 and 1.40.x before 1.40.1. Deleted revision existence is leaked due to incorrect permissions being checked. This reveals that a given revision ID belonged to the given page title, and its timestam...
CVE-2025-13327
No description is available for this CVE. Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability...
A Systematic Study on Generating Web Vulnerability Proof-Of-Concepts Using Large Language Models
Recent advances in Large Language Models (LLMs) have brought remarkable progress in code understanding and reasoning, creating new opportunities and raising new concerns for software security. Among many downstream tasks, generating Proof-of-Concept (PoC) exploits plays a central role in vulnerabilit...
EUVD-2020-23235
Malware in sbrugna...
EUVD-2021-25580
Malware in sbrugna...
CVE-2025-52970
An improper handling of parameters in Fortinet FortiWeb versions 7.6.3 and below, versions 7.4.7 and below, versions 7.2.10 and below, and 7.0.10 and below may allow an unauthenticated remote attacker with non-public information pertaining to the device and targeted user to gain admin privileges o...
CVE-2025-32377
creationtimestamp| type| source
---|---|---
2025-04-18 20:33:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ln4hrgyixf2d
2025-04-18 20:35:33+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114360879207101550
2025-04-18 20:59:25+00:00| published-proof-of-concept|...
How Cybercriminals Exploit Public Info for Attacks: Understanding Risks and Prevention
Cybercriminals are skilled at using public information to their advantage. Knowing how they gather this data can help…...
thelounge may publicly disclose of all usernames/idents via port 113
Per RFC 1413, the unique identifying tuple includes not only the ports, but also both addresses. Without the addresses, the information becomes both non-unique and public: - If multiple connections happen to use the same local port number (which is possible if the addresses differ), the usernam...
Skytrack - Planespotting And Aircraft OSINT Tool Made Using Python
About: skytrack is a command-line based plane spotting and aircraft OSINT reconnaissance tool made using Python. It can gather aircraft information using various data sources, generate a PDF report for a specified aircraft, and convert between ICAO and Tail Number designations. Whether you are a...
Cross site request forgery (csrf)
Decidim is a participatory democracy framework. Starting in version 0.23.0 and prior to versions 0.27.5 and 0.28.0, the CSRF authenticity token check is disabled for the questionnaire templates preview. The issue does not imply a serious security threat as you need to have access also to the...
PT-2024-13465 · Decidim · Decidim
Name of the Vulnerable Software and Affected Versions: Decidim versions 0.23.0 through 0.27.4; Decidim versions 0.28.0 before the fix. Description: Decidim is a participatory democracy framework. The CSRF authenticity token check is disabled for the questionnaire templates preview, which may allow...
ID has been reserved by CVE
No details are available at this time...
RIELLO UPS NetMan security vulnerability
RIELLO UPS NetMan is a network adapter from RIELLO UPS, Italy. A security vulnerability exists in RIELLO UPS NetMan. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the manufacturer's bulletin...
Intel PROSet/Wireless WiFi Software security vulnerability
Intel PROSet/Wireless WiFi Software is a wireless network card driver from Intel Corporation, USA. A security vulnerability exists in Intel PROSet/Wireless WiFi Software. An attacker could exploit the vulnerability to gain local access to publicly available information...
Open Source Intelligence May Be Changing Old-School War
Intelligence collected from public information online could be impacting traditional warfare and altering the calculus between large and small powers...