EUVD-2026-36433

The Yarbo cloud does not enforce per-device or per-user authorization. Any client possessing valid credentials, whether the shared hard-coded credentials or legitimate per-user credentials, can subscribe to wildcard topics covering all robots globally, and can publish to any robot's command topic...

CVE-2024-2104 JBL: Improper BLE security configurations and lack of authentication on the device's GATT server

Due to improper BLE security configurations on the device's GATT server, an adjacent unauthenticated attacker can read and write device control commands through the mobile app service wich could render the device unusable...

CVE-2024-41791

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices does not authenticate report creation requests. This could allow an unauthenticated remote attacker to read or clear the log files on the device, reset the device or set the...

Design/Logic Flaw

A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update processing. An attacker could exploit this...

CVE-2022-20730 Cisco Firepower Threat Defense Software Security Intelligence DNS Feed Bypass Vulnerability

A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update processing. An attacker could exploit this...

Cisco Firepower Threat Defense Software Security Intelligence DNS Feed Bypass Vulnerability

A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update processing. An attacker could exploit this...

CVE-2022-20730

A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update processing. An attacker could exploit this...

How to Stop Facebook App From Tracking Your Location In the Background

Every app installed on your smartphone with permission to access location service "can" continually collect your real-time location secretly, even in the background when you do not use them. Do you know? — Installing the Facebook app on your Android and iOS smartphones automatically gives the...