CVE-2025-52464 Meshtastic Repeated Public and Private Keypairs

Meshtastic is an open source mesh networking solution. In versions from 2.5.0 to before 2.6.11, the flashing procedure of several hardware vendors was resulting in duplicated public/private keys. Additionally, the Meshtastic was failing to properly initialize the internal randomness pool on some...

CVE-2025-31424

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav WP Lead Capturing Pages leadcapture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through 2.6...

CVE-2025-31424

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav WP Lead Capturing Pages leadcapture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through 2.6...

CVE-2025-31424

CVE-2025-31424 describes an unauthenticated SQL Injection in the WordPress plugin WP Lead Capturing Pages (Kamleshyadav) affecting versions up to 2.3. The vulnerability arises from improper neutralization of input elements used in SQL commands, enabling blind SQL injection. The associated CVSS 3....

CVE-2025-31424 WordPress WP Lead Capturing Pages plugin < 2.6 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav WP Lead Capturing Pages leadcapture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through 2.6...

CVE-2025-31424 WordPress WP Lead Capturing Pages plugin < 2.6 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav WP Lead Capturing Pages leadcapture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through 2.6...

WordPress plugin WP Lead Capturing Pages SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

CVE-2024-44189

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. A logic issue existed where a process may be able to capture screen contents without user consent...

Moukthar - Android Remote Administration Tool

Remote adminitration tool for android Features Permissions bypass android 12 below https://youtube.com/shorts/-w8H0lkFxb0 Keylogger https://youtube.com/shorts/Ll9dNrkjFOA Notifications listener SMS listener Phone call recording Image capturing and screenshots Video recording Persistence Read &...

CVE-2025-27789

Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement...

Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups

Impact When using Babel to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement pattern strings i.e. the second argument passed to .replace. Your generated code is vulnerable if all the...

GHSA-968P-4WVH-CQC8 Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups

Impact When using Babel to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement pattern strings i.e. the second argument passed to .replace. Your generated code is vulnerable if all the...

UBUNTU-CVE-2025-27789

Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement...

CVE-2025-27789 Inefficient RexExp complexity in generated code with .replace when transpiling named capturing groups

Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement...

CVE-2025-27789 Inefficient RexExp complexity in generated code with .replace when transpiling named capturing groups

Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement...

DEBIAN-CVE-2023-52916

In the Linux kernel, the following vulnerability has been resolved: media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce this issue: 1. Use 1600x900 to display on host 2. Mount ISO through...

OpenSSL Heartbeat (Heartbleed) Client Memory Exposure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenSSL Heartbeat Heartbleed Client Memory Exposure', 'Description' = %q This module provides a fake SSL service that is intended to leak memory...

CVE-2024-7408 Information Disclosure Vulnerability in Airveda Air Quality Monitor

This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of sensitive information in plain text during AP pairing mode. An attacker in close proximity could exploit this vulnerability by capturing Wi-Fi traffic of Airveda-AP. Successful exploitation of this...

CVE-2024-36499

Huawei HarmonyOS/WMS module contains a silent screenshot vulnerability enabling unauthorized image capture. Affected component is the WMS module in HarmonyOS; root cause is silent screenshot capability that bypasses user interaction. Impact is confidentiality leakage (C/H, I/N, A/L). CVSS metrics...

CVE-2024-36499

Vulnerability of unauthorized screenshot capturing in the WMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality...