489 matches found
WordPress Feedify - Web Push Notifications plugin < 2.4.6 - Reflected XSS vulnerability
WordPress Feedify - Web Push Notifications plugin 2.4.6 - Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Feedify – Web Push Notifications versions 2.4.6...
WordPress plugin OneSignal – Web Push Notifications 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...
CVE-2025-62869
Missing Authorization vulnerability in Gravitec.net - Web Push Notifications Gravitec.net - Web Push Notifications gravitec-net-web-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gravitec.net - Web Push Notifications: from n/a through...
EUVD-2025-202015
Missing Authorization vulnerability in Gravitec.net - Web Push Notifications Gravitec.net Web Push Notifications gravitec-net-web-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gravitec.net Web Push Notifications: from n/a through =...
CVE-2025-62869
Missing Authorization vulnerability in Gravitec.net - Web Push Notifications Gravitec.net – Web Push Notifications gravitec-net-web-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gravitec.net – Web Push Notifications: from n/a through...
CVE-2025-62869
CVE-2025-62869 affects the WordPress plugin Gravitec.net – Web Push Notifications (versions
CVE-2025-62869 WordPress Gravitec.net – Web Push Notifications plugin <= 2.9.17 - Broken Access Control vulnerability
Missing Authorization vulnerability in Gravitec.net - Web Push Notifications Gravitec.net – Web Push Notifications gravitec-net-web-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gravitec.net – Web Push Notifications: from n/a through...
PT-2025-50014
Missing Authorization vulnerability in Gravitec.net - Web Push Notifications Gravitec.net Web Push Notifications gravitec-net-web-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gravitec.net Web Push Notifications: from n/a through =...
WordPress Gravitec.net – Web Push Notifications plugin <= 2.9.17 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Gravitec.net Web Push Notifications versions = 2.9.17...
CVE-2025-20383 Improper access control through push notifications for reports and alerts in Splunk Secure Gateway app
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gateway app in Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles and subscribes to mobile push notifications could receive...
CVE-2025-20383 Improper access control through push notifications for reports and alerts in Splunk Secure Gateway app
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gateway app in Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles and subscribes to mobile push notifications could receive...
CVE-2025-20383
CVE-2025-20383 affects Splunk Enterprise (below 10.0.2 and older 9.x branches) and the Splunk Secure Gateway app (below 3.7.28/3.8.58/3.9.10) in Splunk Cloud Platform. A low-privilege user with mobile push notifications enabled can see the title and description of reports/alerts they are not auth...
Matrix Push C2 abuses browser notifications to deliver phishing and malware
Cybercriminals are using browser push notifications to deliver malware and phishing attacks. Researchers at BlackFog described how a new command-and-control platform, called Matrix Push C2, uses browser push notifications to reach potential victims. When we warned back in 2019 that browser push...
Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks
Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means of a new command-and-control C2 platform called Matrix Push C2. "This browser-native, fileless framework leverages push notifications, fake alerts, and link redirects to target...
Microsoft Windows Push Notifications 信息泄露漏洞
Microsoft Windows Push Notifications is a push notification service from Microsoft Corporation USA. It provides a reliable way to deliver new updates. Microsoft Windows Push Notifications suffers from an information disclosure vulnerability that stems from an attacker's ability to obtain sensitiv...
EUVD-2018-14343
Malware in sbrugna...
EUVD-2021-24805
Malware in sbrugna...
EUVD-2013-4989
Malware in sbrugna...
EUVD-2023-57913
Malicious code in bioql PyPI...
EUVD-2024-33040
Malicious code in bioql PyPI...