WordPress Car Seller - Auto Classifieds Script - SQL Injection

The requestlistrequest AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitize, validate or escape the orderid POST parameter before using it in a SQL statement, leading to a SQL injection...

School’s AI system mistakes a bag of chips for a gun

An artificial intelligence AI detection system at Kenwood High School mistakenly flagged a student’s bag of potato chips as a gun, triggering a police response. The 16-year-old had finished eating a bag of Doritos and crumpled it up in his pocket when he was done. But the school’s AI-based gun...

EUVD-2015-1143

Malware in sbrugna...

EUVD-2008-4155

Malware in sbrugna...

EUVD-2005-4050

Malware in sbrugna...

EUVD-2010-4794

Malware in sbrugna...

EUVD-2025-24941

Malicious code in bioql PyPI...

CVE-2025-50861

The Lotus Cars Android app com.lotus.carsdomestic.intl 1.2.8 contains an exported component, PushDeepLinkActivity, which is accessible without authentication via ADB or malicious apps. This poses a risk of unintended access to application internals and can cause denial of service or logic abuse...

CVE-2025-50862

The Lotus Cars Android app com.lotus.carsdomestic.intl 1.2.8 has allowBackup=true set in its manifest, allowing data exfiltration via ADB backup on rooted or debug-enabled devices. This presents a risk of user data exposure...

CVE-2025-50861

The Lotus Cars Android app com.lotus.carsdomestic.intl 1.2.8 contains an exported component, PushDeepLinkActivity, which is accessible without authentication via ADB or malicious apps. This poses a risk of unintended access to application internals and can cause denial of service or logic abuse...

Malicious code in do-wnload-available-36615-big-shiny-cars-skip6-dggtzj (npm)

The package do-wnload-available-36615-big-shiny-cars-skip6-dggtzj was found to contain malicious code...

MAL-2025-18548 Malicious code in do-wnload-available-36615-big-shiny-cars-skip6-dggtzj (npm)

The package do-wnload-available-36615-big-shiny-cars-skip6-dggtzj was found to contain malicious code...

CVE-2025-50861

The CVE-2025-50861 entry affects the Lotus Cars Android App (com.lotus.carsdomestic.intl) version 1.2.8, where the exported component PushDeepLinkActivity is accessible without authentication via ADB or malicious apps. This could allow unintended access to application internals and may lead to de...

Altus Cars Lotus Cars Android app 安全漏洞

Altus Cars Lotus Cars Android app is a mobile app from UK-based Altus Cars that provides vehicle remote control and connectivity services. A security vulnerability exists in Altus Cars Lotus Cars Android app version 1.2.8, which stems from allowBackup set to true, which could lead to user data...

Altus Cars Lotus Cars Android app 安全漏洞

Altus Cars Lotus Cars Android app is a mobile app from Altus Cars UK that provides vehicle remote control and connectivity services. A security vulnerability exists in Altus Cars Lotus Cars Android app version 1.2.8, which originates from unauthenticated access to a component and could lead to a...

CVE-2025-50861

The Lotus Cars Android app com.lotus.carsdomestic.intl 1.2.8 contains an exported component, PushDeepLinkActivity, which is accessible without authentication via ADB or malicious apps. This poses a risk of unintended access to application internals and can cause denial of service or logic abuse...

CVE-2025-50862

The Lotus Cars Android app com.lotus.carsdomestic.intl 1.2.8 has allowBackup=true set in its manifest, allowing data exfiltration via ADB backup on rooted or debug-enabled devices. This presents a risk of user data exposure...

CVE-2025-50861

The Lotus Cars Android app com.lotus.carsdomestic.intl 1.2.8 contains an exported component, PushDeepLinkActivity, which is accessible without authentication via ADB or malicious apps. This poses a risk of unintended access to application internals and can cause denial of service or logic abuse...

PT-2025-33410 · Lotus Cars · Lotus Cars Android App

Name of the Vulnerable Software and Affected Versions: Lotus Cars Android app com.lotus.carsdomestic.intl version 1.2.8 Description: The Lotus Cars Android app allows data exfiltration via ADB backup on rooted or debug-enabled devices due to the allowBackup=true flag being set in its manifest. Th...

PT-2025-33409 · Lotus Cars · Lotus Cars Android App

Name of the Vulnerable Software and Affected Versions: Lotus Cars Android App version 1.2.8 Description: The Lotus Cars Android app com.lotus.carsdomestic.intl version 1.2.8 contains an exported component, PushDeepLinkActivity, which is accessible without authentication via ADB or malicious apps...