48 matches found
MINI-5V9M-RF59-CMC4
Bulletin has no description...
CVE-2026-7733
A flaw has been found in funadmin up to 7.1.0-rc6. This affects the function UploadService::chunkUpload of the file app/common/service/UploadService.php of the component Frontend Chunked Upload Endpoint. This manipulation of the argument File causes unrestricted upload. The attack is possible to ...
TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms
Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that's capable of targeting 59 banking, fintech, and cryptocurrency platforms. The activity is being tracked by Elastic Security Labs under the moniker REF3076. The malware family is assessed to be a...
PT-2026-36762
A flaw has been found in funadmin up to 7.1.0-rc6. This affects the function UploadService::chunkUpload of the file app/common/service/UploadService.php of the component Frontend Chunked Upload Endpoint. This manipulation of the argument File causes unrestricted upload. The attack is possible to ...
GHSA-CQFX-GF56-8X59
creationtimestamp| type| source ---|---|--- 2026-04-07 17:29:08+00:00| seen| Telegram/S0o7tCbZtDmnRvZjM5kXvvB9yXwoblxnXV5GlrmaLffoEZI...
MINI-M4R2-C746-5V59
Bulletin has no description...
PT-2026-22379
Name of the Vulnerable Software and Affected Versions ClipBucket versions prior to 5.5.3 Description ClipBucket is an open source video sharing platform. Prior to version 5.5.3 59, collection item operations are susceptible to authorization flaws. Authenticated users can modify collection items...
`polymarket-clients-sdk` was removed from crates.io for malicious code
It appeared to be typosquatting existing crate polymarket-client-sdk clients vs client and attempting to steal credentials from local files. The malicious crate had 6 versions published on 2026-02-05 and had been downloaded only 59 times. There were no crates depending on this crate on crates.io...
MAL-2025-155153 Malicious code in fitra-poke59 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a310861ad04921a32ac5bfd45bec205b18bc71861950a875637e27fa15f81322 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
SUSE-SU-2025:02392-1 Security update for the Linux Kernel (Live Patch 59 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122225 fixes several issues. The following security issues were fixed: - CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. - CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238920. - CVE-2024-53214:...
CVE-2024-21065
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Workflow. Supported versions that are affected are 8.59, 8.60 and 8.61. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...
CVE-2024-21180
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: OpenSearch Dashboards. Supported versions that are affected are 8.59, 8.60 and 8.61. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...
CVE-2023-22047
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...
PT-2024-33667 · Zitadel +1 · Zitadel +1
Name of the Vulnerable Software and Affected Versions: Zitadel versions prior to 2.64.0 Zitadel versions prior to 2.63.5 Zitadel versions prior to 2.62.7 Zitadel versions prior to 2.61.4 Zitadel versions prior to 2.60.4 Zitadel versions prior to 2.59.5 Zitadel versions prior to 2.58.7 Description...
CVE-2024-21255
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: XMLPublisher. Supported versions that are affected are 8.59, 8.60 and 8.61. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterpri...
Xiaomi GetApps 安全漏洞
Xiaomi GetApps is a global app store by Chinese company Xiaomi. It is used by developers to publish and distribute their apps to over 200 million users in 59 regions. A security vulnerability exists in Xiaomi GetApps that stems from authentication logic that can be bypassed...
CVE-2024-21158
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.59, 8.60 and 8.61. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...
CVE-2023-22014
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where PeopleSoft Enterprise PeopleTools...
CVE-2023-21981
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Elastic Search. Supported versions that are affected are 8.58, 8.59 and 8.60. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft...
SUSE CVE-2018-5126
Memory safety bugs were reported in Firefox 58. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 59...