33 matches found
UBUNTU-CVE-2026-32633
Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.2, in Central Browser mode, the /api/4/serverslist endpoint returns raw server objects from GlancesServersList.getserverslist. Those objects are mutated in-place during background polling and can contain a uri...
CVE-2026-27832
Group-Office (enterprise CRM/groupware) is affected by an authenticated SQL Injection in the advancedQueryData parameter (comparator) on index.php?r=email/template/emailSelection. Pre-fix versions 26.0.8, 25.0.87, and 6.8.153 process advancedQueryData with a weak allowlist, enabling blind boolean...
CVE-2026-27832 Group-Office Has Authenticated SQL Injection in advancedQueryData.comparator
Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.8, 25.0.87, and 6.8.153 have a SQL Injection (SQLi) vulnerability, exploitable through the advancedQueryData parameter (comparator field) on an authenticated endpoint. The endpoint...
EUVD-2020-17925
Malware in sbrugna...
EUVD-2005-4128
Malware in sbrugna...
EUVD-2020-28019
Malware in sbrugna...
EUVD-2025-18210
Malicious code in bioql PyPI...
CVE-2025-52101
linjiashop =0.9 is vulnerable to Incorrect Access Control. When using the default-generated JWT authentication, attackers can bypass the authentication and retrieve the encrypted "password" and "salt". The password can then be obtained through brute-force cracking...
CVE-2025-5864
The CVE-2025-5864 entry affects Tenda TDSEE App versions up to 1.7.12, targeting the file /app/ConfirmSmsCode in the Password Reset Confirmation Code Handler. The root cause is improper restriction of excessive authentication attempts, with the attack described as executable remotely and of high ...
CVE-2020-6877
A ZTE product is impacted by an information leak vulnerability. An attacker could use this vulnerability to obtain the authentication password of the handheld terminal and access the device illegally for operation. This affects: ZXA10 eODN V2.3P2T1...
Triple-Identity Authentication: the Future of Secure Access
In a typical authentication process, the local system verifies the user's identity using a stored hash value generated by a cross-system hash algorithm. This article shifts the research focus from traditional password encryption to the establishment of gatekeeping mechanisms for effective...
D-Link DAP-2622 Stack Buffer Overflow Remote Code Execution Vulnerability (CNVD-2025-29682)
D-Link DAP-2622 is a wireless access point (AP) from AUO D-Link that supports PoE power supply and is mainly used for wireless network coverage in enterprise or commercial scenarios. The D-Link DAP-2622 suffers from a stack buffer overflow remote code execution vulnerability, which stems from a...
Toshiba e-STUDIO Security Vulnerability
Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba Japan. A security vulnerability exists in Toshiba e-STUDIO because the authentication password used between programs within the multifunction device is partially written directly into the program, so that...
D-Link DAP-2622 Security Vulnerability
The D-Link DAP-2622 is a wireless access point (AP) device from China's AUO D-Link. A security vulnerability exists in the D-Link DAP-2622 that stems from a stack-based buffer overflow remote code execution vulnerability in the DDP Set Wireless Message Authentication Password...
D-Link DAP-2622 Security Vulnerability
D-Link DAP-2622 is a wireless access point (AP) from AUO D-Link that supports PoE power supply and is mainly used for wireless network coverage in enterprise or commercial scenarios. The D-Link DAP-2622 suffers from a stack buffer overflow remote code execution vulnerability, which stems from a sta...
D-Link DAP-2622 Stack Buffer Overflow Remote Code Execution Vulnerability
The D-Link DAP-2622 is a wireless access point (AP) from D-Link designed for wireless network coverage in an enterprise or commercial environment. The D-Link DAP-2622 suffers from a stack buffer overflow remote code execution vulnerability that stems from a stack-based buffer overflow remote code...
PT-2023-19644 · Switch · Switch
Name of the Vulnerable Software and Affected Versions: Switch (affected versions not specified). Description: The issue concerns an unspecified endpoint in the switch's web server that fails to properly authenticate user identity. This may allow an attacker to download a configuration page containin...
UBUNTU-CVE-2022-41859
In freeradius, the EAP-PWD function compute_password_element leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack...
AZL-7748 CVE-2022-23304 affecting package wpa_supplicant for versions less than 2.10-1
The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495...