CVE-2026-25107

The CVE-2026-25107 entry concerns ELECOM wireless LAN access point devices that use a hard-coded cryptographic key when creating configuration backups. A knowledgeable attacker could tamper a product’s backup configuration file, and a victim administrator could be tricked into loading a crafted c...

CVE-2022-0444

The Backup, Restore and Migrate WordPress Sites With the XCloner Plugin WordPress plugin before 4.3.6 does not have authorisation and CSRF checks when resetting its settings, allowing unauthenticated attackers to reset them, including generating a new backup encryption key...

CVE-2025-67745 Myhoard logs backup encryption key in plain text

MyHoard is a daemon for creating, managing and restoring MySQL backups. Starting in version 1.0.1 and prior to version 1.3.0, in some cases, myhoard logs the whole backup info, including the encryption key. Version 1.3.0 fixes the issue. As a workaround, direct logs into /dev/null...

CVE-2025-67745 Myhoard logs backup encryption key in plain text

MyHoard is a daemon for creating, managing and restoring MySQL backups. Starting in version 1.0.1 and prior to version 1.3.0, in some cases, myhoard logs the whole backup info, including the encryption key. Version 1.3.0 fixes the issue. As a workaround, direct logs into /dev/null...

EUVD-2014-4737

Malware in sbrugna...

EUVD-2022-15583

Malicious code in bioql PyPI...

EUVD-2024-38270

Malicious code in bioql PyPI...

CVE-2024-39866

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application allows users to upload encrypted backup files. This could allow an attacker with access to the backup encryption key and with the right to upload backup files to create a user with...

CVE-2024-39866

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application allows users to upload encrypted backup files. This could allow an attacker with access to the backup encryption key and with the right to upload backup files to create a user with...

WordPress XCloner plugin cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. versions of the WordPress XCloner plugin prior to 4.3.6 are vulnerable to cross-site request forgery,...

CVE-2022-0444

The Backup, Restore and Migrate WordPress Sites With the XCloner Plugin WordPress plugin before 4.3.6 does not have authorisation and CSRF checks when resetting its settings, allowing unauthenticated attackers to reset them, including generating a new backup encryption key...

WordPress plugin XCloner 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. versions of the WordPress XCloner plugin prior to 4.3.6 are vulnerable to cross-site request forgery,...