1288 matches found
CVE-2025-21078
Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications...
CVE-2025-21078
CVE-2025-21078 affects Samsung Smart Switch prior to version 3.7.68.6. The root cause is the use of an insufficiently random value for the secretKey, which could allow adjacent attackers to access application backups. Public sources in the connected documents consistently describe this impact and...
EUVD-2025-37899
Snipe-IT before version 8.3.3 contains a remote code execution vulnerability that allows an authenticated attacker to upload a malicious backup file containing arbitrary files and execute system commands...
PT-2025-45078
Name of the Vulnerable Software and Affected Versions Smart Switch versions prior to 3.7.68.6 Description The use of an insufficiently random value for the secretKey in Smart Switch allows nearby attackers to gain access to backup data from applications. Recommendations Update to version 3.7.68.6...
CVE-2025-10579 BackWPup <= 5.5.0 - Missing Authorization to Sensitive Information Exposure
The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'backwpupworking' AJAX action in all versions up to, and including, 5.5.0. This makes it possible for authenticated attackers, with...
CVE-2025-52763
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...
EUVD-2025-35475
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...
CVE-2025-52763
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...
CVE-2025-52763 WordPress Nifty Backups plugin <= 1.08 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...
CVE-2025-52763 WordPress Nifty Backups plugin <= 1.08 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...
CVE-2025-52763
The CVE-2025-52763 entry concerns the NickDuncan Nifty Backups WordPress plugin (
PT-2025-43247
Name of the Vulnerable Software and Affected Versions NickDuncan Nifty Backups versions through 1.08 Description The software contains a flaw related to improper input handling during web page generation, specifically a Reflected Cross-Site Scripting issue. This allows for the injection of...
WordPress plugin Nifty Backups 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
Service Provider Migration to Unified Veeam Data Cloud FAQ
Below are the most commonly asked questions. What is changing with my Veeam Data Cloud for Microsoft 365 experience? Veeam is transitioning Veeam Cloud Service Providers VCSPs and their customers to Veeam Data Cloud, a unified multi-workload interface. This new experience allows you to manage...
Microsoft Windows BitLocker 安全漏洞
Microsoft Windows BitLocker is a Microsoft Corporation USA BitLocker Ensure secure backup of recovery keys before activating protection. A security vulnerability exists in Microsoft Windows BitLocker that originates from an attacker's ability to bypass certain features by exploiting the...
Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts
Cybersecurity company Huntress on Friday warned of "widespread compromise" of SonicWall SSL VPN devices to access multiple customer environments. "Threat actors are authenticating into multiple accounts rapidly across compromised devices," it said. "The speed and scale of these attacks imply that...
CVE-2025-21060
CVE-2025-21060 affects Samsung Smart Switch prior to version 3.7.67.2, where cleartext storage of sensitive information in backups allows local attackers to access application backup data after user interaction triggers the vulnerability. The underlying issue is the storage of backup data in clea...
EUVD-2025-33673
Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access backup data from applications. User interaction is required for triggering this vulnerability...
PT-2025-41520
Name of the Vulnerable Software and Affected Versions Smart Switch versions prior to 3.7.67.2 Description A flaw exists in Smart Switch that allows local attackers to access backup data from applications due to the cleartext storage of sensitive information. User interaction is required to trigge...
SonicWall Says All Firewall Backups Were Accessed by Hackers
SonicWall has confirmed that attackers accessed cloud backup configuration files for all customers using its backup service exposing encrypted credentials and network configurations...