CVE-2026-5244

A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function mgtlsrecvcert of the file mongoose.c of the component TLS 1.3 Handler. Such manipulation of the argument pubkey leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been...

EUVD-2026-4011

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in noCreativity Dooodl dooodl allows Reflected XSS.This issue affects Dooodl: from n/a through = 2.3.0...

Discord warns users after data stolen in third-party breach

Popular social platform Discord has suffered a data breach—though technically, it wasn’t Discord itself that was hacked. A third-party customer support provider was compromised, allowing attackers to access Discord’s user data. Either way, it’s Discord users who feel the impact. The breach, which...

Google Pay, Drug Bots, and SIM Swaps: How Old Leaks and New Vulnerabilities Power Attacks

It starts with something simple: a CAPTCHA box on your screen. You type the number you see, because of course you do. That’s what humans do online. But what if that “CAPTCHA” wasn’t a CAPTCHA at all? In this post, I’ll walk you through how old data leaks, lazy telecom verification, and a...

RHSA-2024:0948

creationtimestamp| type| source ---|---|--- 2024-02-28 16:16:12+00:00| seen| https://t.me/ctinow/195616...

Duplicate of GHSA-4xh4-v2pq-jvhm

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4xh4-v2pq-jvhm. This link is maintained to preserve external references. Original Description The personnummer implementation before 3.0.3 for Dart mishandles numbers in which the last four digits match the...

Dart 输入验证错误漏洞

Dart is an open source programming language. A security vulnerability exists in versions prior to Dart 3.0.3, which stems from personnummer incorrectly handling the last four digits of a number that matches a ^0000-9$ regular expression...

PT-2022-28157 · Python +8 · Python +9

Name of the Vulnerable Software and Affected Versions: personnummer versions prior to 3.0.3 Dart versions prior to 3.0.3 C versions prior to 3.0.2 Elixir versions prior to 3.0.0 Go versions prior to 3.0.1 Java versions prior to 3.3.0 JavaScript versions prior to 3.1.0 Kotlin versions prior to 1.1...

CVE-2022-30325

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key for the Wi-Fi networks is the same for every router except for the last four digits. The device default pre-shared key for both 2.4 GHz and 5 GHz networks can be guessed or brute-forced by an attacker...

CLSA-2021-1636378490 Fix of CVE: CVE-2017-20005

CVE-2017-20005: fix buffer overflow for years that exceed four digits...

CLSA-2021-1635430310 Fix CVE(s): CVE-2017-20005

SECURITY UPDATE: Fix buffer overflow for years that exceed four digits. - debian/patches/CVE-2017-20005.patch - CVE-2017-20005...

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation. The last four digits of the number are not validated. Remediation Upgrade personnummer to version 3.0.1 or higher. References - GitHub Additional Information - GitHub Advisory - GitHub Commit - GitHub Commit...

AppleTV AirPlay Login Utility

This module attempts to authenticate to an AppleTV service with the username, 'AirPlay'. The device has two different access control modes: OnScreen and Password. The difference between the two is the password in OnScreen mode is numeric-only and four digits long, which means when this option is...