CVE-2019-7632

LifeSize Team, Room, Passport, and Networker 220 devices allow Authenticated Remote OS Command Injection, as demonstrated by shell metacharacters in the support/mtusize.php mtusize parameter. The lifesize default password for the cli account may sometimes be used for authentication...

EUVD-2016-6930

Malware in sbrugna...

EUVD-2012-2955

Malware in sbrugna...

EUVD-2006-0433

Malware in sbrugna...

EUVD-2017-7757

Malware in sbrugna...

EUVD-2004-2767

Malware in sbrugna...

EUVD-2012-3665

Malware in sbrugna...

EUVD-2001-1337

Malware in sbrugna...

EUVD-2018-18366

Malware in sbrugna...

EUVD-2022-37743

Malicious code in bioql PyPI...

EUVD-2022-25009

Malicious code in bioql PyPI...

EUVD-2024-42274

Malicious code in bioql PyPI...

CVE-2024-28146

The application uses several hard-coded credentials to encrypt config files during backup, to decrypt the new firmware during an update and some passwords allow a direct connection to the database server of the affected device...

CVE-2025-32471

The device’s passwords have not been adequately salted, making them vulnerable to password extraction attacks...

CVE-2025-32471

The device’s passwords have not been adequately salted, making them vulnerable to password extraction attacks...

CVE-2025-26486

Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient Computational Effort, Use of Weak Hash, Use of a One-Way Hash with a Predictable Salt vulnerabilities in Beta80 "Life 1st Identity Manager" enable an attacker with access to password hashes to bruteforce user password...

A Hackers Pot of Gold: Your MSP's Data

A single ransomware attack on a New Zealand managed service provider MSP disrupted several of its clients' business operations overnight, most belonging to the healthcare sector. According to the country's privacy commissioner, "a cyber security incident involving a ransomware attack" in late...

Why Ransomware in Education on the Rise and What That Means for 2023

The breach of LA Unified School District LAUSD highlights the prevalence of password vulnerabilities, as criminal hackers continue to use breached credentials in increasingly frequent ransomware attacks on education. The Labor Day weekend breach of LAUSD brought significant districtwide disruptio...

Vulnerabilities fixed in LibreOffice

The Document Foundation has fixed three vulnerabilities in LibreOffice. An unauthenticated remote malicious person could potentially exploit the vulnerabilities potentially exploit them to execute arbitrary macro code in the user's context, or to gain access to user passwords in the local passwor...

Siemens SINEMA Mendix Forgot Password Appstore

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Forgot Password Appstore module Vulnerabilities: Improper Access Control, Improper Restriction of Excessive Authentication Attempts 2. RISK EVALUATION These vulnerabilities...