CVE-2026-3670 Freedom Factory dGEN1 com.dgen.alarm improper authorization

A vulnerability was detected in Freedom Factory dGEN1 up to 20260221. Affected is an unknown function of the component com.dgen.alarm. Performing a manipulation results in improper authorization. The attack requires a local approach. The exploit is now public and may be used. The vendor was...

CVE-2026-3669 Freedom Factory dGEN1 com.dgen.alarm AlarmService improper authorization

A security vulnerability has been detected in Freedom Factory dGEN1 up to 20260221. This impacts the function AlarmService of the component com.dgen.alarm. Such manipulation leads to improper authorization. The attack needs to be performed locally. The exploit has been disclosed publicly and may ...

CVE-2026-3669 Freedom Factory dGEN1 com.dgen.alarm AlarmService improper authorization

A security vulnerability has been detected in Freedom Factory dGEN1 up to 20260221. This impacts the function AlarmService of the component com.dgen.alarm. Such manipulation leads to improper authorization. The attack needs to be performed locally. The exploit has been disclosed publicly and may ...

[20260302] - Core - SQL injection in com_content articles webservice endpoint

Improperly built order clauses lead to a SQL injection vulnerability in the articles webservice endpoint...

Malicious Package

Overview @bookings.microsoft.com/s is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

IBM: SQL Injection vulnerability found on ibm.com endpoint

A SQL injection vulnerability was found on an ibm.com endpoint. The vulnerability was reported to IBM, analyzed, and remediated...

CleverTap Web SDK 安全漏洞

The CleverTap Web SDK is an open-source developer toolkit developed by CleverTap. Versions of the CleverTap Web SDK prior to 1.15.2 contain security vulnerabilities. These vulnerabilities stem from the source validation in the Visual Builder module, where the includes method is used to check...

Exploit for SQL Injection in Joomla Joomla\!

CVE-2017-8917 Joomla SQLi PoC This repository contains a simp...

CVE-2026-2017

A vulnerability was detected in IP-COM W30AP up to 1.0.0.111340. Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the argument data results in stack-based buffer overflow. The attack may be performe...

CVE-2026-2017

A vulnerability was detected in IP-COM W30AP up to 1.0.0.111340. Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the argument data results in stack-based buffer overflow. The attack may be performe...

CVE-2026-2017 IP-COM W30AP POST Request wx3auth R7WebsSecurityHandler stack-based overflow

A vulnerability was detected in IP-COM W30AP up to 1.0.0.111340. Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the argument data results in stack-based buffer overflow. The attack may be performe...

CVE-2026-2017 IP-COM W30AP POST Request wx3auth R7WebsSecurityHandler stack-based overflow

A vulnerability was detected in IP-COM W30AP up to 1.0.0.111340. Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the argument data results in stack-based buffer overflow. The attack may be performe...

CVE-2026-2017

IP-COM W30AP is affected up to version 1.0.0.11(1340). The vulnerability resides in the R7WebsSecurityHandler of the POST Request Handler at /goform/wx3auth, where manipulating the data argument causes a stack-based buffer overflow. It can be triggered remotely and the exploit is publicly availab...

CVE-2026-1592

Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...

Symantec Endpoint Protection Client < 14.3 RU8 Patch 3 / 14.3 RU9 Patch 2 / 14.3 RU10 Patch 1 Multiple Vulnerabilities (36774)

The version of Symantec Endpoint Protection SEP Client installed on the remote host is affected by a multiple vulnerabilities as referenced in the 36774 advisory. - Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privile...

CVE-2026-1592

Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...

CVE-2025-13919

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a COM Hijacking vulnerability, which is a type of issue whereby an attacker attempts to establish persistence and evade detection by hijacking COM references in the Windows Registry...

CVE-2025-13919

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a COM Hijacking vulnerability, which is a type of issue whereby an attacker attempts to establish persistence and evade detection by hijacking COM references in the Windows Registry...

CVE-2025-13919

The CVE-2025-13919 entry concerns Symantec Endpoint Protection Client vulnerabilities, specifically a COM Hijacking issue in Windows where references in the COM registry can be hijacked to establish persistence and evade detection. Affected software is SEP Client versions prior to 14.3 RU10 Patch...

CVE-2025-13919

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a COM Hijacking vulnerability, which is a type of issue whereby an attacker attempts to establish persistence and evade detection by hijacking COM references in the Windows Registry...