CVE-2025-30028

Technical details about CVE-2025-30028 are not publicly available in the provided documents. Monitor for updates from Synology and NVD for affected products, versions, and remediation.

CVE-2025-30028

A vulnerability in Active Backup for Business allows unauthorized remote attackers to read arbitrary files...

Astra Linux - уязвимость в openjdk-11

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Security. The supported versions affected by this vulnerability include Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK:...

PT-2026-42371

NornicDB has Improper Network Binding in its Bolt Server, allowing unauthorized remote access in github.com/orneryd/nornicdb...

PT-2026-38722

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

cPanel 访问控制错误漏洞

cPanel is a web-based automated hosting platform developed by the cPanel company in the United States. This platform is primarily used for automating the management of websites and servers. cPanel has a vulnerability related to access control, which stems from an authentication bypass issue in th...

CVE-2025-41764 Unchecked role in wwwupdate.cgi

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupdate.cgi endpoint to upload and apply arbitrary updates...

VideoLAN VLC media player 安全漏洞

VideoLAN VLC Media Player is a free, open-source cross-platform multimedia player developed by the French company VideoLAN. It supports playback of various media formats such as files and discs as well as different audio and video formats e.g., WMV, MP3, etc.. Versions of VideoLAN VLC Media Playe...

PT-2026-6914

Name of the Vulnerable Software and Affected Versions yeqifu warehouse versions prior to aaf29962ba407d22d991781de28796ee7b4670e4 Description A flaw exists within the Notice Management component of yeqifu warehouse, specifically in the addNotice, updateNotice, deleteNotice, and batchDeleteNotice...

CVE-2019-11614

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/commentView.php. A remote unauthorized attacker could exploit the vulnerability to obtain database sensitive information...

FLIR Thermal Camera 信任管理问题漏洞

FLIR Thermal Camera F Series and others are a series of thermal imaging cameras from FLIR, USA. A trust management issue vulnerability exists in FLIR Thermal Camera F/FC/PT/D version 8.0.0.64, which stems from the presence of hard-coded SSH credentials that could lead to unauthorized remote acces...

CVE-2017-20214 FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 Hard-Coded SSH Credentials Vulnerability

FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains hard-coded SSH credentials that cannot be changed through normal camera operations. Attackers can leverage these persistent, unmodifiable credentials to gain unauthorized remote access to the thermal camera system...

Use of Hard-coded Credentials

Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials via the interactive installer process. An attacker can gain unauthorized remote access to the host system by exploiting the default administrative credentials over SSH before the password is reset. This is...

CVE-2025-41742

Sprecher Automations SPRECON-E-C, SPRECON-E-P, SPRECON-E-T3 is vulnerable to attack by an unauthorized remote attacker via default cryptographic keys. The use of these keys allows the attacker to read, modify, and write projects and data, or to access any device via remote maintenance...

CVE-2025-41742 Sprecher Automation: SPRECON-E series has a critical vulnerability due to the use of static cryptographic keys in system components

Sprecher Automations SPRECON-E-C, SPRECON-E-P, SPRECON-E-T3 is vulnerable to attack by an unauthorized remote attacker via default cryptographic keys. The use of these keys allows the attacker to read, modify, and write projects and data, or to access any device via remote maintenance...

EUVD-2025-199001

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware used by many white-labeled DVR/NVR/IPC products versions prior to 1.3.4 contain an authentication bypass in the NVMS-9000 control protocol. By sending a single crafted TCP payload to an exposed NVMS-9000 control port, an unauthenticated...

EUVD-2025-34145

A cleartext transmission of sensitive information vulnerability in the affected products allows an unauthorized remote attacker to gain login credentials and access the Web-UI...

EUVD-2016-9570

Malware in sbrugna...

EUVD-2019-10240

Malware in sbrugna...

EUVD-2025-19036

Malicious code in bioql PyPI...