CVE-2026-5115

The PaperCut NG/MF specifically, the embedded application for Konica Minolta devices is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the...

CVE-2026-5115 Session hijacking in PaperCut NG/MF embedded application for Konica Minolta devices

The PaperCut NG/MF specifically, the embedded application for Konica Minolta devices is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the...

CVE-2026-5115

The CVE concerns PaperCut NG/MF, specifically the embedded application running on Konica Minolta devices. The issue is session hijacking caused by an insecure communication channel between the embedded app and the server, enabling potential data leakage and misuse (e.g., phishing) on user devices...

PT-2026-29170

The PaperCut NG/MF specifically, the embedded application for Konica Minolta devices is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the...

EUVD-2020-7510

Malware in sbrugna...

[SECURITY] Fedora 41 Update: mbedtls-2.28.9-1.fc41

Mbed TLS is a light-weight open source cryptographic and SSL/TLS library written in C. Mbed TLS makes it easy for developers to include cryptographic and SSL/TLS capabilities in their embedded applications with as little hassle as possible...

PSF-2020-4 Py_SetPath(): _Py_CheckPython3 uses uninitialized DLL path

In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading...

Security Bulletin: Vulnerability in RC4 stream cipher affects OpenPages GRC Platform with Application Server (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects OpenPages GRC Platform with Application Server. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An...

CVE-2017-5217

Installing a zero-permission Android application on certain Samsung Android devices with KK4.4, L5.0/5.1, and M6.0 software can continually crash the systemserver process in the Android OS. The zero-permission app will create an active install session for a separate app that it has embedded withi...

SoftMaker Office 201x Privilege Escalation

Hi @ll, the service pack installers for SoftMaker Office 201x, available from , are surprise.- vulnerable. The executable installer OUCH ofw16763.exe, a 7z SFX OUCH, creates an UNPROTECTED directory "%TEMP%\7zSxxxxxxxx" to extract its payload, then executes "%TEMP%\7zSxxxxxxxx\spsetup.exe"...