Security Risks Introduced by Weak Authentication in Smart Home IoT Systems

Smart home IoT systems rely on authentication mechanisms to ensure that only authorized entities can control devices and access sensitive functionality. In practice, these mechanisms must balance security with usability, often favoring persistent connectivity and minimal user interaction. This...

CVE-2025-7073

A local privilege escalation vulnerability in Bitdefender Total Security 27.0.46.231 allows low-privileged attackers to elevate privileges. The issue arises from bdservicehost.exe deleting files from a user-writable directory C:\ProgramData\Atc\Feedback without proper symbolic link validation,...

CVE-2025-7073

A local privilege escalation vulnerability in Bitdefender Total Security versions prior to 27.0.47.241 allows low-privileged attackers to elevate privileges. The issue arises from bdservicehost.exe deleting files from a user-writable directory C:\ProgramData\Atc\Feedback without proper symbolic...

EUVD-2025-30222

Malicious code in bioql PyPI...

CVE-2025-59691

PureVPN client applications on Linux through September 2025 allow IPv6 traffic to leak outside the VPN tunnel upon network events such as Wi-Fi reconnect or system resume. In the CLI client, the VPN auto-reconnects and claims to be connected, but IPv6 traffic is no longer routed or blocked. In th...

CVE-2025-59691

PureVPN client applications on Linux through September 2025 allow IPv6 traffic to leak outside the VPN tunnel upon network events such as Wi-Fi reconnect or system resume. In the CLI client, the VPN auto-reconnects and claims to be connected, but IPv6 traffic is no longer routed or blocked. In th...

CVE-2021-0257

On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPCs Modular Port Concentrators where Integrated Routing and Bridging IRB interfaces are configured and mapped to a VPLS instance or a Bridge-Domain, certain Layer 2 network events at Customer Edge CE devices may cause memo...

CVE-2021-0257

CVE-2021-0257 affects Juniper Junos OS on MX Series and EX9200 Series with Trio-based MPCs where IRB interfaces are mapped to a VPLS or Bridge-Domain. The issue is a memory leak in the MPC that can lead to an out-of-memory condition and an MPC restart, causing temporary traffic interruptions. Aff...

CVE-2021-0202 Junos OS: MX Series, EX9200 Series: Trio-based MPC memory leak when Integrated Routing and Bridging (IRB) interface is mapped to a VPLS instance or a Bridge-Domain

On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC Modular Port Concentrator where Integrated Routing and Bridging IRB interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge CE device may cause memory leak...

Adding Some Salt to Our Network – Part 1

Why configuration management system was a must for our network, and how we chose SaltStack When we planned and designed the network automation at Imperva Cloud, we split our automation systems into three different systems, where each of the systems has a different set of requirements: 1...

Syslog LogAnalyzer 3.6.5 - Stored XSS Exploit

Exploit for multiple platform in category web applications Vulnerability title: Syslog LogAnalyzer 3.6.5 Stored XSS Author: Dolev Farhi Contact: dolevf at yahoo dot com @dolevff Application: LogAnalyzer 3.6.5 Date: 8.2.2014 Relevant CVEs: CVE-2014-6070 Vulnerable version: alert"xss", and sending ...

LogAnalyzer 3.6.5 Cross Site Scripting

Author: Dolev Farhi @dolevff Application: LogAnalyzer Date: 8.2.2014 Tested on: Red Hat Enterprise Linux 6.4 Relevant CVEs: CVE-2014-6070 1. About the application ------------------------ LogAnalyzer is a web interface to syslog and other network event data. It provides easy browsing, analysis of...