EUVD-2026-16205

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to std::string concurrent access. with heap-use-after-free possible. This is triggered by EVCCID update EV/ISO15118 and OCPP session/authorization events. Version 2026.02.0 contains a patch...

CVE-2025-62769

Potential SQL injection via connector keyword argument in QuerySet and Q objects...

CVE-2025-11728

CVE-2025-11728 affects the Oceanpayment CreditCard Gateway plugin for WordPress (versions up to 6.0). The root cause is missing authentication and capability checks in the return_payment and notice_payment functions, allowing unauthenticated and unauthorized modification of data. The practical im...

EUVD-2025-10073

Malicious code in bioql PyPI...

CVE-2025-20939

Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update device unique identifier of Watch devices...

CVE-2024-9769

creationtimestamp| type| source ---|---|--- 2024-12-06 03:41:01+00:00| seen| https://infosec.exchange/users/cve/statuses/113603802618152438 2024-12-06 06:25:04+00:00| seen| https://t.me/cvedetector/12165...

CVE-2024-52336

A script injection vulnerability was identified in the Tuned package. The instancecreate D-Bus function can be called by locally logged-in users without authentication. This flaw allows a local non-privileged user to execute a D-Bus call with scriptpre or scriptpost options that permit arbitrary...