31 matches found
CVE-2025-14353
The ZIP Code Based Content Protection plugin for WordPress is vulnerable to SQL Injection in all versions up to 1.0.2 via the 'zipcode' parameter. The issue arises from insufficient escaping of the user-supplied parameter and a lack of proper preparation in the existing SQL query, enabling unauth...
WordPress plugin ZIP Code Based Content Protection SQL injection vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
EUVD-2007-1218
Malware in sbrugna...
EUVD-2007-0018
Malware in sbrugna...
EUVD-2015-5905
Malware in sbrugna...
EUVD-2025-27433
Malicious code in bioql PyPI...
EUVD-2023-25572
Malicious code in bioql PyPI...
Obelix: Mitigating Side-Channels through Dynamic Obfuscation
Trusted execution environments (TEEs) offer hardware-assisted means to protect code and data. However, as shown in numerous results over the years, attackers can use side-channels to leak data access patterns and even single-step the code. While the vendors are slowly introducing hardware-based...
CVE-2025-59008
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PressTigers ZIP Code Based Content Protection zip-code-based-content-protection allows SQL Injection. This issue affects ZIP Code Based Content Protection: from n/a through <= 1.0.0...
PT-2025-36815
Name of the Vulnerable Software and Affected Versions: PressTigers ZIP Code Based Content Protection versions through 1.0.0 Description: The software contains a SQL injection issue due to improper neutralization of special elements used in an SQL command. This allows for SQL injection...
WordPress ZIP Code Based Content Protection plugin <= 1.0.0 - SQL Injection vulnerability
SQL Injection vulnerability discovered by RoyTdd in WordPress Plugin ZIP Code Based Content Protection versions <= 1.0.0...
ObfusBFA: a Holistic Approach to Safeguarding DNNs from Different Types of Bit-Flip Attacks
Bit-flip attacks (BFAs) represent a serious threat to Deep Neural Networks (DNNs), where flipping a small number of bits in the model parameters or binary code can significantly degrade the model accuracy or mislead the model prediction in a desired way. Existing defenses exclusively focus on...
Mattermost Server 9.5.x < 9.5.11, 9.11.x < 9.11.3, 10.1.0 (MMSA-2024-00370)
The version of Mattermost Server installed on the remote host is prior to 9.5.11, 9.11.3 or 10.1.0. It is, therefore, affected by a vulnerability as referenced in the MMSA-2024-00370 advisory. - Mattermost versions 9.11.x <= 9.11.2, and 9.5.x <= 9.5.10 fail to protect the mfa code against replay...
Frida-JIT-unPacker: An Imperva Contribution to the Security Research Community, Presented at Black Hat Asia 2024
In the ever-evolving landscape of cybersecurity threats, the battle against malicious bots is a critical concern for web applications. These bots, in addition to their ability to circumvent application security measures, are usually protected with advanced source code protection to prevent the...
AXIS OS security vulnerability
AXIS OS is an edge device operating system from Axis Sweden. A security vulnerability exists in AXIS OS versions 11.0.x-11.3.x, which stems from the use of static RSA keys in legacy LUA components to protect Axis-specific source code...
MGASA-2021-0517 Updated rust packages fix security vulnerability
Updated rust packages fix security vulnerability This update mitigates a security concern in the Unicode standard, affecting source code containing "bidirectional override" Unicode codepoints: in some cases the use of those codepoints could lead to the reviewed code being different than the...
Google Mending Another Crack in Widevine
For the second time in as many years, Google is working to fix a weakness in its Widevine digital rights management (DRM) technology used by online streaming sites like Disney, Hulu and Netflix to prevent their content from being pirated. The latest cracks in Widevine concern the encryption...
Reminder: Malware Can Exploit Improper Configurations
Protect yourself from unwanted—and potentially harmful—files or programs by adhering to vendor-recommended configurations for hardware and software. Doing so, in addition to maintaining regular patch maintenance, will help give your systems and networks the best security possible. The Cybersecurit...
CVE-2019-14236
On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP), a software IP protection method, can be defeated by observing CPU registers and the effect of code/instruction execution...
Financial Apps are Ripe for Exploit via Reverse Engineering
A white hat hacker reverse engineered 30 mobile financial applications and found sensitive data buried in the underlying code of nearly all apps examined. With this information a hacker could, for example, recover application programming interface (API) keys and use them to attack the vendor’s...