CVE-2025-54347

A Directory Traversal vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to write arbitrary files under certain conditions...

PT-2025-47970

Name of the Vulnerable Software and Affected Versions Desktop Alert PingAlert versions 6.1.0.11 through 6.1.1.2 Description An Incorrect Access Control issue exists in the Application Server component of the software. This allows an attacker to disclose user hashes. Recommendations Update to a...

PT-2025-47972

Name of the Vulnerable Software and Affected Versions Desktop Alert PingAlert versions 6.1.0.11 through 6.1.1.2 Description An incorrect access control issue exists in the Application Server component of the software. This allows for remote information disclosure. Recommendations Update to a...

Desktop Alert PingAlert 安全漏洞

Desktop Alert PingAlert is a network status monitoring tool from Desktop Alert USA. A security vulnerability exists in Desktop Alert PingAlert versions 6.1.0.11 through 6.1.1.2, which stems from improper access control and could lead to remote information disclosure...

PT-2025-47968

Name of the Vulnerable Software and Affected Versions Desktop Alert PingAlert versions 6.1.0.11 through 6.1.1.2 Description A Directory Traversal issue exists in the Application Server of the software, allowing an attacker to write arbitrary files under certain conditions. The issue enables...

PT-2025-47971

Name of the Vulnerable Software and Affected Versions Desktop Alert PingAlert versions 6.1.0.11 through 6.1.1.2 Description A security issue exists in the Application Server component of the software due to hard-coded configuration values. Recommendations Update Desktop Alert PingAlert to a versi...

CVE-2025-54563

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows Incorrect Access Control, leading to Remote Information Disclosure...

CVE-2025-66086

Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMS Alert Order Notifications: from n/a through = 3.8.8...

MAL-2025-190601 Malicious code in airbnb-blueimp-file-upload (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e31d7485138d523c3fc40982b857b4c758f73f46c1bd66952aa2f877625b480 The package airbnb-blueimp-file-upload was found to contain malicious code. Source: ossf-package-analysis...

EUVD-2025-198543

Malicious code in o2-tooltip npm...

MAL-2025-190606 Malicious code in airbnb-story-constants (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ee587585b5d6ce7a559b01b7ca42796dcd026647cce38e2056a0893bd4c7429 The package airbnb-story-constants was found to contain malicious code. Source: ossf-package-analysis...

CVE-2025-64169

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fimalert implementation does not check whether oldsum-md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a...

EUVD-2025-198506

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fimalert implementation does not check whether oldsum-md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a...

CVE-2025-64169 Wazuh NULL pointer dereference in fim_alert line 666

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fimalert implementation does not check whether oldsum-md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a...

CVE-2025-64169

CVE-2025-64169 — Wazuh NULL pointer dereference in fim_alert : The issue affects Wazuh 3.7.0 up to, but not including, 4.12.0, where fim_alert() may dereference oldsum->md5 without NULL-check, potentially causing analysisd to crash when a compromised agent sends a crafted message. The vulnerab...

EUVD-2025-198461

Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMS Alert Order Notifications: from n/a through = 3.8.8...

GHSA-547R-QMJM-8HVW

creationtimestamp| type| source ---|---|--- 2025-11-21 14:49:21+00:00| seen| https://bsky.app/profile/736b.moe/post/3m65jpnbetg2w 2025-11-21 14:50:40+00:00| seen| https://bsky.app/profile/736b.moe/post/3m65jrxzeqx2p 2025-11-21 22:25:21+00:00| seen|...

CVE-2025-66086

Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMS Alert Order Notifications: from n/a through = 3.8.8...

CVE-2025-66086 WordPress SMS Alert Order Notifications plugin <= 3.8.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMS Alert Order Notifications: from n/a through = 3.8.8...

CVE-2025-66086

CVE-2025-66086 is a Missing Authorization vulnerability in the WordPress plugin SMS Alert Order Notifications – WooCommerce (sms-alert), affecting versions