CVE-2025-3652 Petlibro Smart Pet Feeder Platform through 1.7.31 Audio Information Disclosure via API endpoint

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows unauthorized access to private audio recordings by exploiting sequential audio IDs and insecure assignment endpoints. Attackers can send requests to /device/deviceAudio/use with...

Linux Distros Unpatched Vulnerability : CVE-2021-32635

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Singularity is an open source container platform. In verions 3.7.2 and 3.7.3, Dde to incorrect use of a default URL, singularity action commands run/shell/exec...

Improper Access Control in Elasticsearch

A permission issue was found in Elasticsearch versions before 5.6.15 and 6.6.1 when Field Level Security and Document Level Security are disabled and the aliases, shrink, or split endpoints are used . If the elasticsearch.yml file has xpack.security.dlsfls.enabled set to false, certain permission...