CVE-2021-0985

In onReceive of AlertReceiver.java, there is a possible way to dismiss system dialog due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2025-23113

An issue was discovered in REDCap 14.9.6. It has an action=myprojects=1 CSRF issue in the alert-title while performing an upload of a CSV file containing a list of alert configuration. An attacker can send the victim a CSV file containing an HTML injection payload in the alert-title. Once the...

CVE-2025-23196

A code injection vulnerability exists in the Ambari Alert Definition feature, allowing authenticated users to inject and execute arbitrary shell commands. The vulnerability arises when defining alert scripts, where the script filename field is executed using sh -c. An attacker with authenticated...

CVE-2019-18659

The Wireless Emergency Alerts WEA protocol allows remote attackers to spoof a Presidential Alert because cryptographic authentication is not used, as demonstrated by MessageIdentifier 4370 in LTE System Information Block 12 aka SIB12. NOTE: testing inside an RF-isolated shield box suggested that...

CVE-2023-49765

Authorization Bypass Through User-Controlled Key vulnerability in Blaz K. Rate my Post – WP Rating System.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.1...

CVE-2019-18265

Digital Alert Systems’ DASDEC software prior to version 4.1 contains a cross-site scripting XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the SSH username, username field of the login page, or via the HTTP host header. The injected content is stored in...

CVE-2023-25178

Controller may be loaded with malicious firmware which could enable remote code execution. See Honeywell Security Notification for recommendations on upgrading and versioning...

CVE-2025-23821

Cross-Site Request Forgery CSRF vulnerability in aleapp WP Cookies Alert wp-cookies-alert allows Cross Site Request Forgery.This issue affects WP Cookies Alert: from n/a through = 1.1.1...

(0Day) ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Alert-Info header of SIP INVITE requests. The iss...

PT-2026-2009

Name of the Vulnerable Software and Affected Versions ALGO 8180 IP Audio Alerter affected versions not specified Description A flaw exists in the web-based user interface of the ALGO 8180 IP Audio Alerter that allows remote attackers to execute arbitrary code. Authentication is required for...

PT-2026-2011

Name of the Vulnerable Software and Affected Versions ALGO 8180 IP Audio Alerter affected versions not specified Description A flaw exists in the web-based user interface of the ALGO 8180 IP Audio Alerter that allows remote attackers to execute arbitrary code. Authentication is required for...

PT-2026-2020

Name of the Vulnerable Software and Affected Versions ALGO 8180 IP Audio Alerter affected versions not specified Description A flaw exists in the handling of the Alert-Info header within SIP INVITE requests. The issue stems from insufficient validation of user-supplied data length before copying ...

CVE-2025-67915

creationtimestamp| type| source ---|---|--- 2026-01-08 11:01:04+00:00| seen| https://gist.github.com/Darkcrai86/fc1820ff0cd259e3be3f30d35f940d1d 2026-01-08 17:00:03+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbwhfjn5r62f 2026-01-08 17:00:37+00:00| seen|...

CVE-2025-67934

creationtimestamp| type| source ---|---|--- 2026-01-08 10:53:41+00:00| seen| https://gist.github.com/Darkcrai86/dc0ae6d122b162df632da7164239c0ca 2026-01-08 13:28:15+00:00| seen| https://gist.github.com/Darkcrai86/b96e3f93d226e6e6ae41fee8e3b68107 2026-01-08 20:04:57+00:00| seen|...

Malicious Package

Overview bnia-work is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

Malicious Package

Overview rt-global-nav is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVE-2016-16113

creationtimestamp| type| source ---|---|--- 2026-01-07 23:00:13+00:00| published-proof-of-concept| Telegram/h5P8bfRy51cnS-yezftJbVpEO2Om2ofhpc-g7kq6JaOtWVE 2026-01-08 03:00:07+00:00| published-proof-of-concept| Telegram/Z6KDFyAddhRWTTdj8KLR9BqWCW4LVkYFOJnFavxpUnMZmU...

CVE-2025-4675

creationtimestamp| type| source ---|---|--- 2026-01-07 18:06:41+00:00| seen| Telegram/z4Hdig2Y-CzYhBdtVlGTwJ9KW9iSWl3bFYnRlWuZ8V2CdM 2026-01-08 19:06:02+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/control-systems-abb-security-advisory-av26-011 2026-05-12 10:00:00+00:00| seen|...

CVE-2025-14070

creationtimestamp| type| source ---|---|--- 2026-01-07 18:03:33+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbu2i4zq4m2u...

CVE-2025-14804

creationtimestamp| type| source ---|---|--- 2026-01-07 08:27:58+00:00| seen| https://gist.github.com/Darkcrai86/7494f240caaacc2958b908b8f1d2e55a 2026-01-07 10:49:32+00:00| seen| https://gist.github.com/Darkcrai86/fc6ef7ddd274ca58681c8c90060fb8fe 2026-01-07 17:52:34+00:00| seen|...