699 matches found
EUVD-2024-45678
Malicious code in bioql PyPI...
EUVD-2022-50207
Malicious code in bioql PyPI...
EUVD-2025-27143
Malicious code in bioql PyPI...
EUVD-2025-23791
Malicious code in bioql PyPI...
EUVD-2025-27972
Malicious code in bioql PyPI...
EUVD-2025-30192
Malicious code in bioql PyPI...
Cybersecurity Awareness Month: Security starts with you
At Microsoft, security is our number one priority, and we believe that cybersecurity is as much about people as it is about technology. As we move into October and kick off Cybersecurity Awareness Month, this time of year really makes me think about how important online safety is—not just at work...
CVE-2025-57915
Cross-Site Request Forgery CSRF vulnerability in César Martín TOCHAT.BE tochat-be allows Cross Site Request Forgery.This issue affects TOCHAT.BE: from n/a through = 1.3.4...
CVE-2025-57915 WordPress TOCHAT.BE Plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in César Martín TOCHAT.BE tochat-be allows Cross Site Request Forgery.This issue affects TOCHAT.BE: from n/a through = 1.3.4...
WordPress plugin TOCHAT.BE 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
CVE-2025-30519 Dover Fueling Solutions ProGauge MagLink LX4 Devices Use of Weak Credentials
Dover Fueling Solutions ProGauge MagLink LX4 Devices have default root credentials that cannot be changed through standard administrative means. An attacker with network access to the device can gain administrative access to the system...
UBUNTU-CVE-2023-53345
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential data race in rxrpcwaittobeconnected Inside the loop in rxrpcwaittobeconnected it checks call-error to see if it should exit the loop without first checking the call state. This is probably safe as if call-err...
PT-2025-38195
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential data race condition was identified within the rxrpc wait to be connected function in the Linux kernel. The issue arises from accessing call-error within a loop without first...
CVE-2025-59033
The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control WDAC policy. Entries that specify only the to-be-signed TBS part of the code signer certificate are properly blocked, but entries that specify the signing certificate's TBS hash along with a...
CVE-2025-35451 Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be...
CVE-2025-6519
E3 Site Supervisor firmware version 2.31F01 has a default admin user "ONEDAY" with a daily generated password. An attacker can predictably generate the password for ONEDAY. The oneday user cannot be deleted or modified by any user...
CVE-2025-6519
CVE-2025-6519 overview (confirmed details) : Affects Copeland E3 Site Supervisor firmware versions prior to 2.31F01. The vulnerability stems from a default admin account named “ONEDAY” that uses a daily-generated password which can be predicted. The ONEDAY user cannot be deleted or modified by an...
PT-2025-35562
Name of the Vulnerable Software and Affected Versions: E3 Site Supervisor versions prior to 2.31F01 Description: E3 Site Supervisor firmware contains a default administrator account, ONEDAY, with a daily generated password that is predictable. The ONEDAY user cannot be deleted or modified...
Linux Distros Unpatched Vulnerability : CVE-2020-28638
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - askpassword in Tomb 2.0 through 2.7 returns a warning when pinentry-curses is used and $DISPLAY is non- empty, causing affected users' files to be encrypted wit...
CVE-2024-46484
creationtimestamp| type| source ---|---|--- 2025-08-29 04:54:19+00:00| seen| https://gist.github.com/powalll/682c1b81696888fd692e595598f2ae3e 2025-08-29 21:27:46+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115114171833588989 2025-08-30 00:34:31+00:00| seen|...