10 matches found
EUVD-2023-34931
Malicious code in bioql PyPI...
CVE-2024-1779
The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ztdcfcfchangestatus function in all versions up to, and including, 1.1.1. This makes it possible for unauthenticated attackers to alter t...
CVE-2023-48302
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and Nextcloud Enterprise Server, when a user is tricked into copy pasting HTML code without markup (Ctrl+Shift+V) the...
CVE-2025-30394
Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network...
KB5053618: Windows 10 LTS 1507 Security Update (March 2025)
The remote Windows host is missing security update 5053618. It is, therefore, affected by multiple vulnerabilities: Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network (CVE-2025-26645). Sensitive data storage in improperly locked memory...
KB5053598: Windows 11 Version 24H2 / Windows Server 2025 Security Update (March 2025)
The remote Windows host is missing security update 5053598. It is, therefore, affected by multiple vulnerabilities: Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network (CVE-2025-26645). Sensitive data storage in improperly locked memory...
KB5053594: Windows 10 Version 1607 / Windows Server 2016 Security Update (March 2025)
The remote Windows host is missing security update 5053594. It is, therefore, affected by multiple vulnerabilities: Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network (CVE-2025-26645). Sensitive data storage in improperly locked memory...
CVE-2024-25066
CVE-2024-25066 affects RSA Authentication Manager prior to 8.7 SP2 Patch 1. It enables XML External Entity (XXE) attacks via a license file, allowing attacker-controlled files to be stored on the server. Data exfiltration is not possible. Remediation: upgrade to 8.7 SP2 Patch 1 or later; as a tem...
CVE-2022-27549
HCL Launch may store certain data for recurring activities in a plain text format...
U.S. Dept Of Defense: Sensitive Information Leaking Through DoD Owned Website. [██████████]
Summary: While performing recon work on websites owned by DoD I came up with ██████████ website which is leaking sensitive information. Description: The above website is leaking information such as: first name and last name, email address, phone number, house address and organization name of...