SODOLA SL902-SWTGW124AS Security Vulnerability
SODOLA SL902-SWTGW124AS is an industrial switch produced by the Spanish company SODOLA. Versions of SODOLA SL902-SWTGW124AS prior to version 200.1.20 contain security vulnerabilities. These vulnerabilities stem from the use of the MD5 hash function, which has weak encryption strength. This can...
CLSA-2026-1771519663 libsoup: Fix of 2 CVEs
CVE-2026-1761: fix stack-based buffer overflow in multipart HTTP response parsing caused by incorrect length calculation in soup_filter_input_stream_read_until - CVE-2026-0719: fix stack-based buffer overflow in NTLM authentication caused by integer overflow in md4sum with excessively long passwords...
CVE-2025-11723 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.9.5 - Unauthenticated Sensitive Information Exposure
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.9.5 via the hash function due to use of a hardcoded fall-back salt. This makes it possible for...
CVE-2025-11723
CVE-2025-11723: Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin for WordPress is affected up to version 1.6.9.5. The vulnerability arises from a hardcoded fallback salt used in the hash() function, enabling unauthenticated attackers to generate a valid token across sit...
PT-2026-1398
Name of the Vulnerable Software and Affected Versions: Simply Schedule Appointments Booking Plugin versions prior to 1.6.9.6. Description: The Appointment Booking Calendar – Simply Schedule Appointments Booking Plugin for WordPress is susceptible to sensitive information exposure due to the use of a...
UBUNTU-CVE-2023-54101
In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: use safe loop iterator to avoid a use after free. The hash_for_each_possible() loop dereferences "eve_data" to get the next item on the list. However the loop frees eve_data so it leads to a use after free. Use...
CVE-2025-66511 Nextcloud Calendar app used predictable proposal participant tokens
Nextcloud Calendar is a calendar app for Nextcloud. Prior to 6.0.3, the Calendar app generates participant tokens for meeting proposals using a hash function, allowing an attacker to compute valid participant tokens, which allowed them to request details and submit dates in meeting proposals. The...
TencentOS Server 3: freeradius:3.0 (TSSA-2024:0764)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0764 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
OESA-2025-2522 poppler security update
is a PDF rendering library. Security Fixes: NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries. (CVE-2025-43903)...
CVE-2025-34519
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an insecure hashing algorithm vulnerability. The product stores passwords using the MD5 hash function without applying a per‑password salt. Because MD5 is a fast, unsalted hash, an attacker who obtains the password database can...
CVE-2025-59452
The YoSmart YoLink API through 2025-10-02 uses an endpoint URL that is derived from a device's MAC address along with an MD5 hash of non-secret information, such as a key that begins with cf50...
EUVD-2015-8643
Malware in sbrugna...
EUVD-2021-20160
Malware in sbrugna...
EUVD-2021-1539
Malware in sbrugna...
EUVD-2017-3205
Malware in sbrugna...
EUVD-2002-1006
Malware in sbrugna...
EUVD-2021-1719
Malware in sbrugna...
EUVD-2019-11480
Malware in sbrugna...
EUVD-2025-29164
Malicious code in bioql PyPI...
EUVD-2025-32184
Malicious code in bioql PyPI...