65 matches found
CVE-2026-28785
Ghostfolio is an open source wealth management software. Prior to version 2.244.0, by bypassing symbol validation, an attacker can execute arbitrary SQL commands via the getHistorical method, potentially allowing them to read, modify, or delete sensitive financial data for all users in the...
EUVD-2026-5619
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. Exploitation allows an unauthenticated, remote attacker to obtain the full...
FacturaScripts 跨站脚本漏洞
FacturaScripts is an open-source ERP software developed by Carlos Garcia, a Spanish developer. Versions of FacturaScripts prior to 2025.71 contained a cross-site scripting vulnerability. This vulnerability occurred due to improper HTML entity encoding during the rendering of historical data in th...
EUVD-2019-9471
Malware in sbrugna...
EUVD-2017-15926
Malware in sbrugna...
EUVD-2021-8071
Malicious code in bioql PyPI...
CVE-2025-8702
A vulnerability classified as critical has been found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. This affects an unknown part of the file /CommonSolution/GetVariableByOneIDNew of the component Historical Data Query Module. The manipulation of the argument ObjectID leads to...
CVE-2025-8702 Wanzhou WOES Intelligent Optimization Energy Saving System Historical Data Query Module GetVariableByOneIDNew sql injection
A vulnerability classified as critical has been found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. This affects an unknown part of the file /CommonSolution/GetVariableByOneIDNew of the component Historical Data Query Module. The manipulation of the argument ObjectID leads to...
PT-2025-32325 · Wanzhou · Woes Intelligent Optimization Energy Saving System
Name of the Vulnerable Software and Affected Versions: Wanzhou WOES Intelligent Optimization Energy Saving System version 1.0 Description: A critical issue exists in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0, specifically within the Historical Data Query Module. The...
CLSA-2025-1751042580 Update of tzdata
Upgrade to tzdata-2025b - New zone for Aysén Region in Chile which moves from -04/-03 to -03. - Paraguay adopted permanent -03 starting spring 2024. - Improve pre-1991 data for the Philippines. - Etc/Unknown is now reserved. - Improve historical data for Mexico, Mongolia, and Portugal. - System V...
Update of tzdata
Upgrade to tzdata-2025b - New zone for Aysén Region in Chile which moves from -04/-03 to -03. - Paraguay adopted permanent -03 starting spring 2024. - Improve pre-1991 data for the Philippines. - Etc/Unknown is now reserved. - Improve historical data for Mexico, Mongolia, and Portugal. - System V...
What does Facebook know about me? (Lock and Code S06E11)
This week on the Lock and Code podcast … There's an easy way to find out what Facebook knows about you—you just have to ask. In 2020, the social media giant launched an online portal that allows all users to access their historical data and to request specific types of information for download...
CVE-2023-28829
A vulnerability has been identified in SIMATIC NET PC Software V14 All versions, SIMATIC NET PC Software V15 All versions, SIMATIC PCS 7 V8.2 All versions, SIMATIC PCS 7 V9.0 All versions, SIMATIC PCS 7 V9.1 All versions, SIMATIC WinCC All versions V8.0, SINAUT Software ST7sc All versions. Before...
CVE-2021-20653
Calsos CSDJ CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier allows remote attackers to bypass access restriction and to obtain unauthorized historical data without access privileges via unspecified vectors...
CVE-2021-35492
Wowza Streaming Engine through 4.8.11+5 could allow an authenticated, remote attacker to exhaust filesystem resources via the /enginemanager/server/vhost/historical.jsdata vhost parameter. This is due to the insufficient management of available filesystem resources. An attacker could exploit this...
CVE-2019-19878
An issue was discovered in B Industrial Automation APROL before R4.2 V7.08. An attacker can get access to historical data from AprolSqlServer by bypassing authentication, a different vulnerability than CVE-2019-16358...
ACU: Analytic Continual Unlearning for Efficient and Exact Forgetting with Privacy Preservation
The development of artificial intelligence demands that models incrementally update knowledge by Continual Learning CL to adapt to open-world environments. To meet privacy and security requirements, Continual Unlearning CU emerges as an important problem, aiming to sequentially forget particular...
[SECURITY] [DLA 3972-1] tzdata new timezone database
------------------------------------------------------------------------- Debian LTS Advisory DLA-3972-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort November 28, 2024 https://wiki.debian.org/LTS -...
Microsoft’s Recall Feature Is Even More Hackable Than You Thought
A new discovery that the AI-enabled feature’s historical data can be accessed even by hackers without administrator privileges only contributes to the growing sense that the feature is a “dumpster fire.”...
CVE-2023-4220
creationtimestamp| type| source ---|---|--- 2023-12-17 14:43:03+00:00| seen| https://t.me/ctinow/155617 2024-07-08 07:34:22+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7908 2024-07-11 07:29:54+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7942 2024-07-29...