CVE-2026-22229 Command Injection Vulnerability on TP-Link Archer BE230 v1.2 and Deco BE25 v1.0

A command injection vulnerability may be exploited after the admin's authentication via the import of a crafted VPN client configuration file on the TP-Link Archer BE230 v1.2 and Deco BE25 v1.0. Successful exploitation could allow an attacker to gain full administrative control of the device,...

Microsoft Will Finally Kill an Encryption Cipher That Enabled a Decade of Windows Hacks

The weak RC4 for administrative authentication has been a hacker holy grail for decades...

EUVD-2011-0409

Malware in sbrugna...

EUVD-2008-6678

Malware in sbrugna...

EUVD-2008-5937

Malware in sbrugna...

EUVD-2008-2875

Malware in sbrugna...

EUVD-2009-4769

Malware in sbrugna...

EUVD-2009-2324

Malware in sbrugna...

EUVD-2011-0410

Malware in sbrugna...

EUVD-2009-4806

Malware in sbrugna...

EUVD-2008-4150

Malware in sbrugna...

EUVD-2014-2115

Malware in sbrugna...

EUVD-2011-4974

Malware in sbrugna...

EUVD-2017-16960

Malware in sbrugna...

EUVD-2008-5196

Malware in sbrugna...

EUVD-2013-5508

Malware in sbrugna...

EUVD-2023-32413

Malicious code in bioql PyPI...

EUVD-2024-52238

Malicious code in bioql PyPI...

CVE-2017-7990

The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with resultant XSS, in which administrative authentication is hijacked to insert JavaScript into a name field in webapp/reports/manageReports.jsp...

CVE-2009-3261

update/update0.1.2to0.2.php in LiveStreet 0.2 does not require administrative authentication, which allows remote attackers to perform DROP TABLE operations via unspecified vectors...