CVE-2026-7686

A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activation. Performing a manipulation results in improper access controls. Remote exploitation of the...

CVE-2026-32100 swag/platform-security: `/api/_info/config` route exposes information about licenses and active security fixes

Shopware is an open commerce platform. /api/info/config route exposes information about active security fixes. This vulnerability is fixed in 2.0.16, 3.0.12, and 4.0.7...

CVE-2026-22645

The application discloses all used components, versions and license information to unauthenticated actors, giving attackers the opportunity to target known security vulnerabilities of used components...

CVE-2026-22645

The application discloses all used components, versions and license information to unauthenticated actors, giving attackers the opportunity to target known security vulnerabilities of used components...

CVE-2025-41086

Vulnerability in the access control system of the GAMS licensing system that allows unlimited valid licenses to be generated, bypassing any usage restrictions. The validator uses an insecure checksum algorithm; knowing this algorithm and the format of the license lines, an attacker can recalculat...

CVE-2025-41086

Vulnerability in the access control system of the GAMS licensing system that allows unlimited valid licenses to be generated, bypassing any usage restrictions. The validator uses an insecure checksum algorithm; knowing this algorithm and the format of the license lines, an attacker can recalculat...

CVE-2025-41086

Vulnerability in the access control system of the GAMS licensing system that allows unlimited valid licenses to be generated, bypassing any usage restrictions. The validator uses an insecure checksum algorithm; knowing this algorithm and the format of the license lines, an attacker can recalculat...

CVE-2025-41086

The CVE-2025-41086 affects GAMS licensing: the licensing system validator uses an insecure checksum algorithm, allowing an attacker who knows the checksum method and license-line format to recompute a valid checksum and forge licenses. This enables unlimited valid licenses, bypassing usage restri...

CVE-2025-41086 Authorization bypass in GAMS from GAMS Development Corp.

Vulnerability in the access control system of the GAMS licensing system that allows unlimited valid licenses to be generated, bypassing any usage restrictions. The validator uses an insecure checksum algorithm; knowing this algorithm and the format of the license lines, an attacker can recalculat...

PT-2025-48685

Name of the Vulnerable Software and Affected Versions GAMS affected versions not specified Description A flaw exists in the access control system of the GAMS licensing system that permits the creation of an unlimited number of valid licenses, circumventing usage limitations. The system employs an...

AMS Development GAMS 安全漏洞

AMS Development GAMS is an algebraic modeling system from AMS Development India. AMS Development GAMS suffers from a security vulnerability that stems from checksums and the use of insecure algorithms that could lead to the generation of an unlimited valid license...

Google Expands Chrome Autofill to Passports and Licenses, But Is It Safe?

Google Chrome browser's new enhanced autofill feature can now remember and automatically fill in personal data such as…...

Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A buffer error vulnerability exists in Qualcomm Chipsets that stems from a memory corruption when processing malformed license files...

EUVD-2019-15525

Malware in sbrugna...

EUVD-2002-1855

Malware in sbrugna...

EUVD-2019-15526

Malware in sbrugna...

EUVD-2022-32013

Malicious code in bioql PyPI...

EUVD-2022-29643

Malicious code in bioql PyPI...

EUVD-2023-37930

Malicious code in bioql PyPI...

CVE-2025-10035

A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection...