EUVD-2025-5914

Malicious code in bioql PyPI...

CVE-2023-34110

Flask-AppBuilder is an application development framework, built on top of Flask. Prior to version 4.3.2, an authenticated malicious actor with Admin privileges, could by adding a special character on the add, edit User forms trigger a database error, this error is surfaced back to this actor on t...

CVE-2025-23118

An Improper Certificate Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent network to make unsupported changes to the camera system...

CVE-2025-23118

An Improper Certificate Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent network to make unsupported changes to the camera system...

CVE-2025-23117

An Insufficient Firmware Update Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent network to make unsupported changes to the camera system...

CVE-2025-23118

An Improper Certificate Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent network to make unsupported changes to the camera system...

CVE-2025-23118

CVE-2025-23118 affects Ubiquiti UniFi Protect Cameras. The root cause is improper certificate validation in the ubnt_avclient component, allowing authenticated network-adjacent attackers to bypass authentication and make unsupported changes to the camera system. Several sources (e.g., ZDI-25-376)...

CVE-2024-25832

F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension...