34 matches found
CVE-2026-13768
CVE-2026-13768 affects Gardyn Home Kit and Gardyn Studio. The root cause is exposure of a privileged iothubowner credential, which enables a malicious user to invoke IoTHub Registry Manager functions to obtain connection information for all Gardyn devices and to execute commands on a specific dev...
EUVD-2026-41237
GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...
CVE-2026-57274
GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...
CVE-2026-57274
GeoWebPlayer’s CVE-2026-57274 is a buffer overflow in the connectInfo password handling of the Websocket Server (no key present) affecting GeoWebPlayer 1.1.1.0. A crafted websocket message can overflow the 64-byte password buffer, potentially enabling arbitrary code execution. Vendor patch releas...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
A race condition was detected in the Linux kernel’s net/bluetooth device driver, specifically in the conninfomin,maxageset function. This can lead to an integrity overflow issue, potentially causing abnormal Bluetooth connections or denial of service...
CVE-2022-33734
Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission...
CVE-2023-54260 cifs: Fix lost destroy smbd connection when MR allocate failed
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly return, then the connection info will be leaked. Let's set the smb...
EUVD-2007-4583
Malware in sbrugna...
EUVD-2020-0046
Malware in sbrugna...
EUVD-2022-36772
Malicious code in bioql PyPI...
CVE-2025-29992
Mahara before 24.04.9 exposes database connection information if the database becomes unreachable, e.g., due to the database server being temporarily down or too busy...
CVE-2025-29992
Mahara before 24.04.9 exposes database connection information if the database becomes unreachable, e.g., due to the database server being temporarily down or too busy...
CVE-2025-29992
Mahara before 24.04.9 exposes database connection information if the database becomes unreachable, e.g., due to the database server being temporarily down or too busy...
CVE-2025-29992
CVE-2025-29992 affects Mahara prior to 24.04.9. When the database becomes unreachable (e.g., temporarily down or overloaded), Mahara may disclose database connection information. The issue is documented across multiple sources (Red Hat, NVD, OpenVAS, CVE lists) with a consistent description: expo...
PT-2025-34771
Name of the Vulnerable Software and Affected Versions: Mahara versions prior to 24.04.9 Description: Mahara versions prior to 24.04.9 expose database connection information when the database is unreachable, such as during temporary downtime or periods of high load. Recommendations: Update to...
Linux Distros Unpatched Vulnerability : CVE-2020-10755
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before...
CVE-2021-24164
In the Ninja Forms Contact Form WordPress plugin before 3.4.34.1, low-level users, such as subscribers, were able to trigger the action, wpajaxnfoauth, and retrieve the connection url needed to establish a connection. They could also retrieve the clientid for an already established OAuth connecti...
CVE-2019-0390
Under certain conditions SAP Data Hub corrected in DHFoundation version 2 allows an attacker to access information which would otherwise be restricted. Connection details that are maintained in Connection Manager are visible to users...
BIT-SUPERSET-2020-13952
In the course of work on the open source project it was discovered that authenticated users running queries against Hive and Presto database engines could access information via a number of templated fields including the contents of query description metadata database, the hashed version of the...
Contract Management System 授权问题漏洞
Contract Management System is a contract management system. It enables companies to create new contracts and track the status of existing contracts to ensure that employees, vendors, and customers meet defined requirements. A security vulnerability exists in Contract Management System version v2....