CamView installer insecurely loads Dynamic Link Libraries

Overview CamView installer provided by ARUCOM Inc. insecurely loads Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2015-9268 The CVSS evaluation above assume that a victim user is directed to download and place a specially crafted DLL file with the affected installer and t...

HTB-TwoMillion-Exploit

HTB-TwoMillion-Exploit Importante: Esto NO es un writeu...

CGA-6WXR-6WHF-PW65

Bulletin has no description...

CVE-2026-41850

Applications that evaluate user-supplied Spring Expression Language SpEL expressions are vulnerable to an Algorithmic Denial of Service DoS. By providing a specially crafted expression, an attacker can trigger excessive resource consumption during evaluation, leading to application degradation or...

EUVD-2026-35334

Spring MVC applications which accept user-supplied values in the cssClass, cssErrorClass, or cssStyle attributes of JSP form tags allow arbitrary HTML/JavaScript code injection, potentially resulting in a cross-site scripting XSS vulnerability. Affected versions: Spring Framework 7.0.0 through...

EUVD-2026-35301

The Recover Exit For WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to and including 1.0.3. This is due to insufficient validation and sanitization of the user-controlled tpf POST parameter before it is used in an include path in the recoverexit function...

MINI-86MW-5JGF-FM87

Bulletin has no description...

MINI-VJ88-HJ56-GW86

Bulletin has no description...

MINI-XQ46-VMJ7-WMPW

Bulletin has no description...

MINI-VPPF-7X6Q-HX39

Bulletin has no description...

MINI-PG4V-XPQQ-GVQJ

Bulletin has no description...

MINI-WPG6-PFHG-5XQQ

Bulletin has no description...

CVE-2026-11465

A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotel...

MINI-3J4W-63WQ-GXRC

Bulletin has no description...

MINI-M4WC-RHF3-QJ73

Bulletin has no description...

MINI-8XXG-QMFH-GR82

Bulletin has no description...

MINI-JHH6-XMMR-VJ2X

Bulletin has no description...

Malicious code in void-ulid (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17c8bf4c8a22f2c86dcf8af482d28d5fccfc1d5971289e4f06afedc17c0585a9 void-ulid impersonates the legitimate ulid/ulidx ULID generator its package.json reuses the upstream github.com/ulid/javascript repo URL but ships a...

SUSE CVE-2026-46291

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hashdigestkey Use printhexdumpdevel for dumping sensitive HMAC key bytes in hashdigestkey to avoid leaking secrets at runtime when CONFIGDYNAMICDEBUG is enabled...

MINI-XJQC-G6CV-2W2X

Bulletin has no description...