3079 matches found

RustSec
added 3 hours ago, 2 views

`pqcrypto-mldsa` is unmaintained: upstream PQClean project being archived

This crate provides Rust bindings to ML-DSA FIPS 204 via C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches or bug fixes will be applied to the upstream implementations. As a result, this crat...

AI score: 5.8
Exploits: 0

Cvelist
added 2026/04/30 4:08 p.m., 25 views

CVE-2025-71284 Synway SMG Gateway Management Software OS Command Injection via radius_address

Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radiusaddress POST parameter is split and interpolated directly into a sed command without sanitization. An unauthenticated remote attacker can...

CVSS: 9.8, EPSS: 0.01341
Exploits: 1, References: 5

IBM Security Bulletins
added 2026/03/11 8:41 p.m., 7 views

Security Bulletin: IBM Guardium Data Protection is affected by MySQL Server July 2025 CPU vulnerabilities.

Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2024-37891 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only se...

CVSS: 6.5, AI score: 6.8, EPSS: 0.00442
Exploits: 1, Affected Software: 1

Packet Storm News
added 2026/02/20 12:00 a.m., 2 views

PayPal February 2026 Notice of Data Breach

PayPal has released this notice of data breach to its customers following a data exposure issue that spanned from July 1, 2025 to December 13, 2025...

AI score: 5.4
Exploits: 0

RedhatCVE
added 2026/02/03 3:18 p.m., 3 views

CVE-2025-8587

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AKCE Software Technology R Industry and Trade Inc. SKSPro allows SQL Injection. This issue affects SKSPro: through 07012026...

CVSS: 9.8, AI score: 5.5, EPSS: 0.00016
Exploits: 0, References: 1

Positive Technologies
added 2026/02/03 12:00 a.m., 1 view

PT-2026-6004

Name of the Vulnerable Software and Affected Versions AKCE Software Technology R&D Industry and Trade Inc. SKSPro versions through 07012026 Description An issue exists in AKCE Software Technology R&D Industry and Trade Inc. SKSPro that allows directory indexing, potentially leading to exposure of...

CVSS: 7.5, AI score: 5.4, EPSS: 0.00016
Exploits: 0, References: 3

Broadcom
added 2026/01/27 12:00 a.m., 11 views

Oracle Java SE Updates (July 2025)

Oracle Java SE Multiple Vulnerabilities July 2025 CVE-2025-50059 CVE-2025-30749 CVE-2025-50106 CVE-2025-23166 CVE-2025-30754...

CVSS: 8.6, AI score: 7.2, EPSS: 0.02123
Exploits: 1

RedhatCVE
added 2026/01/09 10:53 a.m., 3 views

CVE-2022-33693

Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log...

CVSS: 2.3, AI score: 6.6, EPSS: 0.00017
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 10:07 a.m., 3 views

CVE-2019-20592

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 software. There is local SQL injection in the Story Video Editor Content Provider. The Samsung ID is SVE-2019-14062 July 2019...

CVSS: 7.8, AI score: 8, EPSS: 0.00037
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 10:06 a.m., 1 view

CVE-2019-20776

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. A TZ trusted application can crash via crafted input. The LG ID is LVE-SMP-190005 July 2019...

CVSS: 5.5, AI score: 7.1, EPSS: 0.00016
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 8:43 a.m., 5 views

CVE-2022-33703

Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities...

CVSS: 8.5, AI score: 6.7, EPSS: 0.0001
Exploits: 0, References: 1

Wired Threat Level
added 2025/12/04 10:04 p.m., 1 view

Cloudflare Has Blocked 416 Billion AI Bot Requests Since July 1

Cloudflare CEO Matthew Prince claims the internet infrastructure company’s efforts to block AI crawlers are already seeing big results...

AI score: 7
Exploits: 0

EUVD
added 2025/12/03 9:31 p.m., 1 view

EUVD-2025-201107

Buffer Overflow was found in SmallBASIC community SmallBASIC with SDL Before v1228, and commit sha:298a1d495355959db36451e90a0ac74bcc5593fe in the function main.cpp, which can lead to potential information leakage and crash...

CVSS: 5.1, AI score: 6.1, EPSS: 0.00025
Exploits: 2, References: 3

RedhatCVE
added 2025/11/11 9:31 a.m., 1 view

CVE-2025-12397

A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected reports with BigQuery as the data source. This vulnerability was patched on 21 Ju...

CVSS: 7.6, AI score: 7.9, EPSS: 0.00032
Exploits: 0, References: 1

RedhatCVE
added 2025/11/11 9:31 a.m., 3 views

CVE-2025-12405

An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors. A Looker Studio user with report view access could make a copy of the report and execute arbitrary SQL that would run on the data source database due to the stored credentials attache...

CVSS: 7.7, AI score: 7.5, EPSS: 0.00055
Exploits: 0, References: 1

CVE
added 2025/11/10 9:27 a.m., 7 views

CVE-2025-12405

CVE-2025-12405 describes an improper privilege management vulnerability in Looker Studio affecting all JDBC-based connectors. The underlying issue: a user with report view access can copy a report and trigger execution of arbitrary SQL on the data source database because stored credentials attach...

CVSS: 7.7, AI score: 7.2, EPSS: 0.00055
Exploits: 0, References: 2

EUVD
added 2025/11/10 9:27 a.m., 1 view

EUVD-2025-44043

An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors. A Looker Studio user with report view access could make a copy of the report and execute arbitrary SQL that would run on the data source database due to the stored credentials attache...

CVSS: 7.7, AI score: 7.1, EPSS: 0.00055
Exploits: 0, References: 3

Cvelist
added 2025/11/10 9:27 a.m., 6 views

CVE-2025-12405 Unauthorized access through stored credentials in Looker Studio

An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors. A Looker Studio user with report view access could make a copy of the report and execute arbitrary SQL that would run on the data source database due to the stored credentials attache...

CVSS: 7.7, EPSS: 0.00055
Exploits: 0, References: 2

CVE
added 2025/11/10 8:59 a.m., 5 views

CVE-2025-12409

Looker Studio SQL injection via malicious report with native functions enabled could exfiltrate data from BigQuery. By delivering a report and having the victim open it, an attacker could execute injected SQL queries using the victim’s BigQuery permissions. Affects Looker Studio components involv...

CVSS: 7.3, AI score: 7.7, EPSS: 0.00032
Exploits: 0, References: 2

Cvelist
added 2025/11/10 8:59 a.m., 4 views

CVE-2025-12409 SQL Injection in Looker Studio

A SQL injection vulnerability was discovered in Looker Studio that allowed for data exfiltration from BigQuery data sources. By creating a malicious report with native functions enabled, and having the victim access the report, an attacker could execute injected SQL queries with the victim's...

CVSS: 7.3, EPSS: 0.00032
Exploits: 0, References: 2