19 matches found
GHSA-P4RG-967R-W4CV
| creationtimestamp | type | source |
|---|---|---|
| 2026-04-10 21:24:20+00:00 | seen | Telegram/ZRwkJT-g6xqpr38tjocBfuP9bsA0qHKZRvqY91xv80DRmI... |
GHSA-58R7-4WR5-HFX8
| creationtimestamp | type | source |
|---|---|---|
| 2026-03-27 23:28:35+00:00 | published-proof-of-concept | Telegram/GtEl0gL3vlqQaCU7OfUhEkhd2JzglfpejZoGd3NHIPeYno... |
Cybersecurity Guidance for Smart Homes: A Cross-National Review of Government Sources
Smart homes are increasingly targeted by cyberattacks, yet residents often lack guidance when incidents occur. Since affected residents are likely to seek help from trustworthy sources, this paper asks: What actionable cybersecurity guidance do governments provide to smart home users whose system...
GHSA-PPM8-GJFW-8977 vulnerabilities
Vulnerabilities for packages: ffmpeg...
CVE-2025-14165 Kirim.Email WooCommerce Integration <= 1.2.9 - Cross-Site Request Forgery to Settings Update
The Kirim.Email WooCommerce Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.9. This is due to missing nonce validation on the plugin's settings page. This makes it possible for unauthenticated attackers to modify the plugin's...
CVE-2022-27584
Password recovery vulnerability in SICK SIM2000ST Partnumber 1080579 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invoking the password recovery mechanism method. This leads to an increase in their privileges on the system and thereby...
Sonos Speakers S1 App < 11.15.1, S2 App < 16.6 Multiple RCE Vulnerabilities (SSA-2024-0002)
Sonos speakers are prone to multiple remote code execution (RCE) vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX =...
ABB CoreSense HM and CoreSense M10
SUMMARY: An update is available that resolves a vulnerability in the product versions listed as affected in this advisory. A path traversal vulnerability in these products can allow unauthenticated users to gain access to restricted directories. Exploiting this vulnerability can lead to complete...
GHSA-Q2F9-X4P4-7XMH
| creationtimestamp | type | source |
|---|---|---|
| 2025-04-07 20:46:11+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/10782 |
| 2025-04-07 23:31:55+00:00 | seen | Telegram/5eBuvckgjMmUrrDTZuzRXBnI9rJEpd71eddmnGajLrVyIo... |
GHSA-QWJ6-Q94F-8425
| creationtimestamp | type | source |
|---|---|---|
| 2025-04-01 20:33:28+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/10007... |
GHSA-P72Q-H37J-3HQ7
| creationtimestamp | type | source |
|---|---|---|
| 2024-04-23 18:16:49+00:00 | seen | https://t.me/arpsyndicate/4756... |
GHSA-P28X-4R5H-PH6J
| creationtimestamp | type | source |
|---|---|---|
| 2024-02-22 00:36:18+00:00 | seen | https://t.me/ctinow/190249 |
| 2024-02-22 20:09:44+00:00 | published-proof-of-concept | https://t.me/arpsyndicate/4030... |
Rockwell Automation ThinManager
1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Rockwell Automation
Equipment: ThinManager ThinServer
Vulnerabilities: Path Traversal, Heap-Based Buffer Overflow
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an...
CVE-2022-27584
Password recovery vulnerability in SICK SIM2000ST Partnumber 1080579 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invoking the password recovery mechanism method. This leads to an increase in their privileges on the system and thereby...
CVE-2022-27582
Password recovery vulnerability in SICK SIM4000 PPC Partnumber 1078787 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invoking the password recovery mechanism method. This leads to an increase in their privileges on the system and there...
Rockwell Automation Logix Controllers
1. EXECUTIVE SUMMARY
CVSS v3 6.8
ATTENTION: Exploitable remotely
Vendor: Rockwell Automation
Equipment: Logix Controllers
Vulnerability: Uncontrolled Resource Consumption
2. RISK EVALUATION
Successful exploitation of this vulnerability may allow an unauthorized user to send malicious messages to...
Digitally Signed Bandook Malware Once Again Targets Multiple Sectors
A cyberespionage group with suspected ties to the Kazakh and Lebanese governments has unleashed a new wave of attacks against a multitude of industries with a retooled version of a 13-year-old backdoor Trojan. Check Point Research called out hackers affiliated with a group named Dark Caracal in a...
openSUSE Security Update : backintime (openSUSE-2017-525)
This update for backintime to version 1.1.20 fixes several issues. These security issues were fixed: - CVE-2017-7572: The checkPolkitPrivilege function in serviceHelper.py in backintime used a deprecated polkit authorization method (unix-process) that is subject to a race condition time of check,...
DEBIAN-CVE-2006-5051
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free...