34 matches found
CVE-2026-32839
Edimax GS-5008PL firmware 1.00.54 and earlier is impacted by a cross-site request forgery (CSRF) vulnerability. The issue stems from lack of anti-CSRF tokens and insufficient request validation, enabling remote attackers to coerce logged-in administrators into performing actions via malicious pag...
CVE-2026-22914
An attacker with limited permissions may still be able to write files to specific locations on the device, potentially leading to system manipulation...
CVE-2025-65832
The mobile application insecurely handles information stored within memory. By performing a memory dump on the application after a user has logged out and terminated it, Wi-Fi credentials sent during the pairing process, JWTs used for authentication, and other sensitive details can be retrieved. ...
CVE-2025-41696
An attacker can use an undocumented UART port on the PCB as a side-channel with the user hardcoded credentials obtained from CVE-2025-41692 to gain read access to parts of the filesystem of the device...
Google Android Security Vulnerability
Google Android is a free and open source mobile operating system based on the Linux kernel developed by Google. Google Android contains a logic error vulnerability in Session.java, which can be exploited by an attacker to view images of other users on the...
PT-2025-45151
Name of the Vulnerable Software and Affected Versions: Apple iOS versions prior to 18.7.2; Apple iPadOS versions prior to 18.7.2. Description: An attacker with physical access to a locked device may be able to view sensitive user information. The issue was addressed by restricting options offered on ...
EUVD-2020-7479
Malware in sbrugna...
EUVD-2017-2267
Malware in sbrugna...
New Study Warns Several Free iOS and Android VPN Apps Leak Data
A Zimperium zLabs analysis of 800 free Android and iOS VPN apps exposes critical security flaws, including the Heartbleed bug, excessive system permissions, and non-transparent data practices. Learn how these 'privacy' tools are actually major security risks, especially for BYOD environments...
EUVD-2023-38447
Malicious code in bioql PyPI...
EUVD-2022-39551
Malicious code in bioql PyPI...
EUVD-2022-42355
Malicious code in bioql PyPI...
CVE-2025-59404
Flock Safety Bravo Edge AI Compute Device BRAVO00.00local20241017 ships with its bootloader unlocked. This permits bypass of Android Verified Boot (AVB) and allows direct modification of partitions...
Malicious code in oauthly (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f51e9d4666c50bc7bc1a5f83811020d5da995fc251b9ec96a9ad3b8a3c6e2ecf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Linux Distros Unpatched Vulnerability : CVE-2023-52871
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: soc: qcom: llcc: Handle a second device without data corruption Usually there is only one ll...
CBL Mariner 2.0 Security Update: opensc (CVE-2024-45619)
The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45619 advisory. - A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use...
Malicious code in monorepo-lens (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0f3e71104e7ff045d83a7ee05b586b32a0dcd36fe13de652bff3133b84d340a3 Any computer that has this package installed or running should be considered...
CVE-2022-41576
The rphone module has a script that can be maliciously modified. Successful exploitation of this vulnerability may cause irreversible programs to be implanted on user devices...
Linux Distros Unpatched Vulnerability : CVE-2016-3140
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of...
Linux Distros Unpatched Vulnerability : CVE-2017-15102
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users who are physically proximate for inserting a...