CVE-2026-41471

The Easy PayPal Events & Tickets plugin for WordPress before version 1.4 contains an information disclosure vulnerability in the QR code scanning endpoint that allows unauthenticated attackers to enumerate and retrieve all customer order records. Attackers can iterate over sequential WordPress po...

CVE-2026-41471

The Easy PayPal Events & Tickets plugin for WordPress before version 1.4 contains an information disclosure vulnerability in the QR code scanning endpoint that allows unauthenticated attackers to enumerate and retrieve all customer order records. Attackers can iterate over sequential WordPress po...

CVE-2026-41471

The CVE concerns the Easy PayPal Events & Tickets WordPress plugin (version 1.3 and earlier). A vulnerability in the QR code scanning endpoint (scan_qr.php) allows unauthenticated attackers to enumerate and retrieve all customer order records by iterating sequential WordPress post IDs, exposing s...

CVE-2026-32834

Summary: CVE-2026-32834 affects the WordPress plugin Easy PayPal Events & Tickets (version 1.3 and earlier). The vulnerability is a hardcoded authentication bypass in the QR code scanning functionality, allowing unauthenticated remote attackers to bypass hash verification by sending the hash para...

WordPress plugin Easy PayPal Events & Tickets 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Astra Linux - уязвимость в chromium

Insufficient policy enforcement in QR scanning in Google Chrome on iOS prior to 89.0.4389.72 allowed an attacker who convinced the user to scan a QR code to bypass navigation restrictions via a crafted QR code...

ExploitSense

ExploitSense ExploitSense is a local-first vulnerability anal...

Agent Audit: A Security Analysis System for LLM Agent Applications

What should a developer inspect before deploying an LLM agent: the model, the tool code, the deployment configuration, or all three? In practice, many security failures in agent systems arise not from model weights alone, but from the surrounding software stack: tool functions that pass untrusted...

EUVD-2018-15686

Malware in sbrugna...

EUVD-2018-15685

Malware in sbrugna...

EUVD-2018-15684

Malware in sbrugna...

EUVD-2021-19465

Malware in sbrugna...

clamav -- ClamAV PDF Scanning Buffer Overflow Vulnerability

Cisco reports: A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service DoS condition, or execute arbitrary code on an affected device. This vulnerability exists because memory buffers a...

CVE-2021-43530

A Universal XSS vulnerability was present in Firefox for Android resulting from improper sanitization when processing a URL scanned from a QR code. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 94...

[Webinar] From Code to Cloud to SOC: Learn a Smarter Way to Defend Modern Applications

Modern apps move fast—faster than most security teams can keep up. As businesses rush to build in the cloud, security often lags behind. Teams scan code in isolation, react late to cloud threats, and monitor SOC alerts only after damage is done. Attackers don't wait. They exploit vulnerabilities...

CVE-2025-27425

Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first This vulnerability affects Firefox for iOS 136...

CVE-2025-27425

Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability was fixed in Firefox for iOS 136...

CVE-2025-27425 QR code user confirmation bypass with invalid protocol

Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability was fixed in Firefox for iOS 136...

Security Vulnerabilities fixed in Firefox for iOS 136 — Mozilla

Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page Scanning certain QR codes that included text with a website URL could...

Pairwise Authentication of Humans

Here's an easy system for two humans to remotely authenticate to each other, so they can be sure that neither are digital impersonations. To mitigate that risk, I have developed this simple solution where you can setup a unique time-based one-time passcode TOTP between any pair of persons. This i...