CVE-2026-3822 Taipower｜Taipower APP(Android) - Improper Certificate Validation

Taipower APP for Andorid developed by Taipower has an Improper Certificate Validation vulnerability. When establishing an HTTPS connection with the server, the application fails to verify the server-side TLS/SSL certificate. This flaw allows an unauthenticated remote attackers to exploit the...

EUVD-2014-9187

Malware in sbrugna...

EUVD-2013-0009

Malware in sbrugna...

EUVD-2020-4109

Malware in sbrugna...

EUVD-2020-20157

Malware in sbrugna...

EUVD-2015-3235

Malware in sbrugna...

EUVD-2012-4517

Malware in sbrugna...

EUVD-2023-41181

Malicious code in bioql PyPI...

EUVD-2023-36671

Malicious code in bioql PyPI...

EUVD-2024-52592

Malicious code in bioql PyPI...

EUVD-2022-5161

Malicious code in bioql PyPI...

EUVD-2022-35972

Malicious code in bioql PyPI...

CVE-2024-54492

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, visionOS 2.2. An attacker in a privileged network position may be able to alter network traffic...

CVE-2023-32427

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 4.2.0 for Android. An attacker in a privileged network position may be able to intercept network traffic...

CVE-2024-44276

CVE-2024-44276 affects Apple's Passwords feature in iOS/iPadOS. A privileged network position could leak sensitive information due to sending information over HTTP instead of HTTPS. The issue is fixed in iOS 18.2 and iPadOS 18.2. Root cause: unencrypted network requests (logos/icons and password-...

CVE-2024-44276

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in iOS 18.2 and iPadOS 18.2. A user in a privileged network position may be able to leak sensitive information...

CVE-2024-54492

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, visionOS 2.2. An attacker in a privileged network position may be able to alter network traffic...

U.S. Dept Of Defense: User automatically logged in as Sys Admin user on https://███/Administration/Administration.aspx

A vulnerability was discovered where any user could be automatically logged in as a system administrator on a web application. This allowed unrestricted access and privileges could be abused to modify user privileges, add or delete users, and upload files, jeopardizing the integrity of the...

Mozilla Firefox Resource Management Error Vulnerability (CNVD-2023-59025)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a resource management error vulnerability that can be exploited by an attacker to trigger post-release reuse when creating a WebRTC connection over HTTPS...

undertow: Server identity in https connection is not checked by the undertow client

A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step that should at least be performed by default in HTTPS and in http/2...