148 matches found
📄 D-Link DSL2600U Password Disclosure
D-Link DSL2600U suffers from an administrative password disclosure vulnerability. Exploit Title: D-Link DSL2600U - 'rom-0' Admin Password Disclosure Date: 2026-05-02 Exploit Author: Amir Hossein Jamshidi Vendor Homepage: https://www.dlink.com Version: DSL-2600U Tested on: ubuntu CVE : N/A Firmwar...
Black Basta Ransomware Leader Added to EU Most Wanted and INTERPOL Red Notice
Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service RaaS group Black Basta. In addition, the group's alleged leader, a 35-year-old Russian national named Oleg Evgenievich Nefedov Нефедов Олег Евгеньевич...
CVE-2026-22920
The device's passwords have not been adequately salted, making them vulnerable to password extraction attacks...
CVE-2026-22920
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-22920
...
CVE-2026-22920
This CVE entry is rejected/not used and does not represent an active vulnerability entry.
CVE-2026-22920
...
CVE-2026-22920
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
SICK TDC-X401GL has security vulnerabilities
The SICK TDC-X401GL is a edge computing gateway from the German company SICK. The SICK TDC-X401GL has a security vulnerability, which stems from insufficient salt addition in the device’s password. This vulnerability may lead to password extraction attacks...
CVE-2025-67280
In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Hibernate Query Language injection vulnerabilities exist which allow a low privileged user to extract passwords of other users and access sensitive data of another user...
CVE-2019-18340
A vulnerability has been identified in Control Center Server CCS All versions = V1.5.0, SiNVR/SiVMS Video Server All versions = V5.0.0. Both the SiVMS/SiNVR Video Server and the Control Center Server CCS store user and device passwords by applying weak cryptography. A local attacker could exploit...
EUVD-2019-8129
Malware in sbrugna...
EUVD-2017-16474
Malware in sbrugna...
EUVD-2021-24852
Malware in sbrugna...
EUVD-2017-16188
Malware in sbrugna...
EUVD-2005-0323
Malware in sbrugna...
EUVD-2019-16126
Malware in sbrugna...
EUVD-2014-5129
Malware in sbrugna...
EUVD-2025-1701
Malicious code in bioql PyPI...
PT-2025-31543 · Undefined · Undefined
An unauthenticated SQL injection vulnerability exists in the Kloxo web hosting control panel developed by LXCenter prior to version 6.1.12. The flaw resides in the login-name parameter passed to lbin/webcommand.php, which fails to properly sanitize input, allowing an attacker to extract the...