CVE-2025-61506

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint...

MediaCrush 安全漏洞

MediaCrush is a media hosting and sharing platform provided by the Israeli company MediaCrush. Versions of MediaCrush 1.0.1 and earlier contained security vulnerabilities. These vulnerabilities stemmed from allowing remote, unverified attackers to upload arbitrary files, potentially leading to...

CVE-2025-14482

CVE-2025-14482 is a vulnerability in the Crush.pics Image Optimizer WordPress plugin (versions

EUVD-2025-23545

Malicious code in bioql PyPI...

MAL-2025-36325 Malicious code in test-mlw2-sprug-crush (npm)

The package test-mlw2-sprug-crush was found to contain malicious code...

Malicious code in test-mlw2-sprug-crush (npm)

The package test-mlw2-sprug-crush was found to contain malicious code...

MAL-2025-8526 Malicious code in @malware-test-build-tazza-pasta-crush/test-mlw3-build-tazza-pasta-crush (npm)

The package @malware-test-build-tazza-pasta-crush/test-mlw3-build-tazza-pasta-crush was found to contain malicious code...

CVE-2025-8523

A vulnerability has been found in RiderLike Fruit Crush-Brain App 1.0 on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.fruitcrush.fun. The manipulation leads to improper export of android...

CVE-2025-8523

CVE-2025-8523 affects RiderLike Fruit Crush-Brain App 1.0 on Android, with improper export of AndroidManifest.xml in the com.fruitcrush.fun component. This allows launching an attack on the local host and exploitation has been publicly disclosed. Vendor has not responded to disclosure. Connected ...

CVE-2025-8523 RiderLike Fruit Crush-Brain App com.fruitcrush.fun AndroidManifest.xml improper export of android application components

A vulnerability has been found in RiderLike Fruit Crush-Brain App 1.0 on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.fruitcrush.fun. The manipulation leads to improper export of android...

CVE-2025-8523 RiderLike Fruit Crush-Brain App com.fruitcrush.fun AndroidManifest.xml improper export of android application components

A vulnerability has been found in RiderLike Fruit Crush-Brain App 1.0 on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.fruitcrush.fun. The manipulation leads to improper export of android...

PT-2025-31859 · Unknown +1 · Riderlike Fruit Crush-Brain App +1

Name of the Vulnerable Software and Affected Versions: RiderLike Fruit Crush-Brain App version 1.0 Description: A vulnerability exists in RiderLike Fruit Crush-Brain App version 1.0 on Android due to improper export of android application components within the AndroidManifest.xml file of the...

Google Warns of Internet Explorer Zero-Day Vulnerability Exploited by ScarCruft Hackers

An Internet Explorer zero-day vulnerability was actively exploited by a North Korean threat actor to target South Korean users by capitalizing on the recent Itaewon Halloween crowd crush to trick users into downloading malware. The discovery, reported by Google Threat Analysis Group researchers...

SUSE: Security Advisory (SUSE-SU-2019:2736-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 Security Update : ceph, ceph-iscsi, ses-manual_en (SUSE-SU-2019:2736-1)

This update for ceph, ceph-iscsi and ses-manualen fixes the following issues : Security issues fixed : CVE-2019-10222: Fixed RGW crash caused by unauthenticated clients. bsc1145093 Non-security issues-fixed: ceph-volume: prints errors to stdout with --format json bsc1132767 mgr/dashboard: Changin...

X (Formerly Twitter): url that twitter mobile site can not load

Summary: A url that twitter mobile site can not load, crushes any page containing this url Description: Invalid hex characters crushes twitter mobile site as example go to https://mobile.twitter.com/?%xx twitter won't load. 1 Sending such url on a direct message, twitter will no longer be able to...

WinSCP 5.9.4 LIST Denial Of Service

Exploit Title: WinSCP 5.9.4 - LIST Command Denial of service Crush application Date: 4-4-2017 mm.dd.yy Exploit Author: M.Ibrahim [email protected] E-Mail: vulnbug gmail.com Vendor Home Page: https://winscp.net/eng/index.php Vendor download link: https://winscp.net/download/WinSCP-5.9.4-Setup.exe...

Candy Crush Saga - Dangerous filesystem permissions, Exported ContentProvider, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Candy Crush Saga published at the 'play' market has multiple vulnerabilities...

Forest Crush Tour - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Forest Crush Tour published at the 'play' market has multiple vulnerabilities...

Lost Jewel Crush - Base64 encoded String, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Lost Jewel Crush published at the 'play' market has multiple vulnerabilities...