206 matches found
WordPress OPEN-BRAIN plugin <= 0.5.0 - Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin OPEN-BRAIN versions = 0.5.0...
WordPress plugin OPEN-BRAIN 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-33027
The OPEN-BRAIN plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5.0. This is due to missing nonce verification on the settings form in the func page main function. This makes it possible for unauthenticated attackers to inject malicious web...
Academia and the “AI Brain Drain”
In 2025, Google, Amazon, Microsoft and Meta collectively spent US$380 billion on building artificial-intelligence tools. That number is expected to surge still higher this year, to $650 billion, to fund the building of physical infrastructure, such as data centers see go.nature.com/3lzf79q...
CVE-2023-49914
InteraXon Muse 2 devices allow remote attackers to cause a denial of service incorrect Muse App report of an outstanding, calm meditation state via a 480 MHz RF carrier that is modulated by a "false" brain wave, aka a Brain-Hack attack. For example, the Muse App does not display the reception of ...
CVE-2020-24396
homee Brain Cube v2 2.28.2 and 2.28.4 devices have sensitive SSH keys within downloadable and unencrypted firmware images. This allows remote attackers to use the support server as a SOCKS proxy...
CVE-2019-16258
The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to gain root access by manipulating the U-Boot environment via the CLI after connecting to the internal UART interface...
EUVD-2025-37365
When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality...
EUVD-2025-37364
On a client with an admin user, a GlobalShipping script can be implemented. The script could later be executed on the BRAIN2 server with administrator rights...
CVE-2025-12508
When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality...
EUVD-2001-1014
Malware in sbrugna...
EUVD-2019-7064
Malware in sbrugna...
EUVD-2018-6771
Malware in sbrugna...
EUVD-2020-17125
Malware in sbrugna...
EUVD-2014-7199
Malware in sbrugna...
EUVD-2014-5587
Malware in sbrugna...
EUVD-2018-6772
Malware in sbrugna...
EUVD-2023-56123
Malicious code in bioql PyPI...
EUVD-2023-53812
Malicious code in bioql PyPI...
EUVD-2024-48067
Malicious code in bioql PyPI...