QNAP Systems QuMagie 安全漏洞

QNAP Systems QuMagie is an AI-powered photo management software developed by QNAP Systems, a company based in Taiwan, China. QNAP Systems QuMagie has a security vulnerability that stems from the lack of authorization verification. This vulnerability could allow remote attackers to access...

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the lack of authorization verification for the key management API endpoints involved in cellular eSIM allocation. As a result,...

CVE-2026-47673

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.21, the jwt and jwk middlewares do not verify that the Authorization header value uses theBearer scheme. Any two-part header value — regardless of the scheme name in the first position — proceeds t...

GO-2026-4366 Gitea does not properly verify authorization when canceling scheduled auto-merges via the web interface in code.gitea.io/gitea

Gitea does not properly verify authorization when canceling scheduled auto-merges via the web interface in code.gitea.io/gitea...

EUVD-2023-46986

Malicious code in bioql PyPI...

EUVD-2024-49630

Malicious code in bioql PyPI...

CVE-2024-20420

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an Admin user. This vulnerability is due to incorrect authorization verification by the HTTP server...

CVE-2025-25528

Multiple buffer overflow vulnerabilities in Wavlink WL-WN575A3 RPT75A3.V4300, which are caused by not performing strict length checks on user-controlled data. By successfully exploiting the vulnerabilities, attackers can crash the remote devices or execute arbitrary commands without any...

WordPress plugin Mark Posts 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Sur.ly 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2024-20420

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an Admin user. This vulnerability is due to incorrect authorization verification by the HTTP server...

CVE-2024-20420 Cisco ATA 190 Series Analog Telephone Adapter Firmware Privilege Escalation Vulnerability

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an Admin user. This vulnerability is due to incorrect authorization verification by the HTTP server...

CVE-2024-20420 Cisco ATA 190 Series Analog Telephone Adapter Firmware Privilege Escalation Vulnerability

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an Admin user. This vulnerability is due to incorrect authorization verification by the HTTP server...

CVE-2024-20420

The CVE-2024-20420 entry concerns Cisco ATA 190 Series Analog Telephone Adapter firmware. The web-based management interface contains an HTTP server authorization verification flaw that could allow an authenticated, low-privilege remote attacker to execute commands with Admin privileges. Document...

WordPress plugin Integrate Google Drive security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Plugin YITH WooCommerce Gift Cards 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A security vulnerability exists in WordPress Plugin...

CVE-2024-20828

Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication...

Authorization

Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication...

CVE-2024-20828

Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication...

CVE-2023-42569

Improper authorization verification vulnerability in AR Emoji prior to SMR Dec-2023 Release 1 allows attackers to read sandbox data of AR Emoji...