417 matches found
CVE-2025-58686
CVE-2025-58686 : An authenticated SQL Injection in Perfect Brands for WooCommerce (WordPress plugin) allows exploitation via improper neutralization of SQL elements in the plugin’s queries. Affected: Perfect Brands for WooCommerce up to 3.6.x (reported as 3.6.0 in the initial doc, with later conn...
CVE-2025-58686 WordPress Perfect Brands for WooCommerce plugin <= 3.6.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in quadlayers Perfect Brands for WooCommerce perfect-woocommerce-brands allows SQL Injection.This issue affects Perfect Brands for WooCommerce: from n/a through = 3.6.2...
CVE-2025-58686 WordPress Perfect Brands for WooCommerce plugin <= 3.6.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in quadlayers Perfect Brands for WooCommerce perfect-woocommerce-brands allows SQL Injection.This issue affects Perfect Brands for WooCommerce: from n/a through = 3.6.2...
WordPress plugin Perfect Brands for WooCommerce SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injection...
PT-2025-38974
Name of the Vulnerable Software and Affected Versions Perfect Brands for WooCommerce versions through 3.6.0 Description A flaw exists in Perfect Brands for WooCommerce that allows for SQL Injection. This occurs due to improper neutralization of special elements within SQL commands. The issue...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
sslscan
This is a tool for scanning SSL/TLS protocols and ciphers on a target server. The tool is called sslscan and is written in C. It is designed to be a command-line interface for scanning SSL/TLS protocols and ciphers on a target server. The tool can be built on various platforms, including Linux an...
Malicious code in perfect-before-found (npm)
The package perfect-before-found was found to contain malicious code...
Malicious code in pencil-perfect-baseball (npm)
The package pencil-perfect-baseball was found to contain malicious code...
MAL-2025-45539 Malicious code in perfect-before-found (npm)
The package perfect-before-found was found to contain malicious code...
MAL-2025-45535 Malicious code in pencil-perfect-baseball (npm)
The package pencil-perfect-baseball was found to contain malicious code...
Perfect Message Authentication Codes Are Robust to Small Deviations from Uniform Key Distributions
We investigate the impact of possible deviations of the probability distribution of key values from a uniform distribution for the information-theoretic strong, or perfect, message authentication code. We found a simple expression for the decrease in security as a function of the statistical...
Active Attack Resilience in 5G: a New Take on Authentication and Key Agreement
As 5G networks expand into critical infrastructure, secure and efficient user authentication is more important than ever. The 5G-AKA protocol, standardized by 3GPP in TS 33.501, is central to authentication in current 5G deployments. It provides mutual authentication, user privacy, and key secrec...
CVE-2024-35295
A vulnerability has been identified in Perfect Harmony GH180 All versions = V8.0 V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025. The maintenance connection of affected devices fails to protect access to the device's control unit configuration. This could allow an...
CVE-2024-35295
A vulnerability has been identified in Perfect Harmony GH180 All versions = V8.0 V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025. The maintenance connection of affected devices fails to protect access to the device's control unit configuration. This could allow an...
CVE-2024-35295
A vulnerability has been identified in Perfect Harmony GH180 All versions = V8.0 V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025. The maintenance connection of affected devices fails to protect access to the device's control unit configuration. This could allow an...
CVE-2024-35295
A vulnerability has been identified in Perfect Harmony GH180 All versions = V8.0 V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025. The maintenance connection of affected devices fails to protect access to the device's control unit configuration. This could allow an...
CVE-2024-35295
CVE-2024-35295 affects Perfect Harmony GH180 versions V8.0–V8.3.3 with the NXGPro+ controller (manufactured 2020–2025). The maintenance connection fails to protect access to the device configuration, enabling a physically proximate attacker with access to the maintenance port to perform arbitrary...
PT-2025-25183 · Unknown · Perfect Harmony Gh180
Name of the Vulnerable Software and Affected Versions: Perfect Harmony GH180 versions V8.0 through V8.3.3 Description: A security issue has been identified where the maintenance connection of affected devices does not protect access to the device's control unit configuration. This could allow an...
On the Impossibility of a Perfect Hypervisor
We establish a fundamental impossibility result for a perfect hypervisor', one that 1 preserves every observable behavior of any program exactly as on bare metal and 2 adds zero timing or resource overhead. Within this model we prove two theorems. 1 Indetectability Theorem. If such a hypervisor...