CVE-2018-25311

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl,...

SENTINELSHIELD-ADVANCED-INTRUSION-DETECTION-WEB-PROTECTION-SYSTEM

No d...

CVE-2025-36192 Missing Authorization with the DS8900F and DS8A00 Hardware Management Console

IBM DS8A00 R10.1 10.10.106.0 and IBM DS8A00 R10.0 10.1.3.010.2.45.0 and IBM DS8900F R9.4 89.40.83.089.42.18.089.44.5.0 IBM System Storage DS8000 could allow a local user with authorized CCW update permissions to delete or corrupt backups due to missing authorization in IBM Safeguarded Copy / GDPS...

EUVD-2017-12873

Malware in sbrugna...

EUVD-2007-4287

Malware in sbrugna...

EUVD-2017-12857

Malware in sbrugna...

Hewlett Packard Enterprise StoreOnce 命令注入漏洞

Hewlett Packard Enterprise StoreOnce is a cloud backup data protection system from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise StoreOnce that stems from a command injection that could lead to remote code execution...

CVE-2025-31234

The issue was addressed with improved input sanitization. This issue is fixed in visionOS 2.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5. An attacker may be able to cause unexpected system termination or corrupt kernel memory...

XSS Vulnerability in Mingguo Security Gateway of Hangzhou ACE Information Technology Co.

MingGuard Security Gateway is a next-generation security protection system with full-process defense, which is an intelligent gateway integrating traditional firewall, intrusion prevention system, anti-virus gateway, Internet behavior control, VPN gateway, threat intelligence and other security...

AZL-50781 CVE-2024-46870 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable DMCUB timeout for DCN35 Why DMCUB can intermittently take longer than expected to process commands. Old ASIC policy was to continue while logging a diagnostic error - which works fine for ASIC without IPS...

Information Leakage Vulnerability in Data Leakage Protection (DLP) System of Beijing Yisaitong Technology Development Co.

Beijing Yisetong Technology Development Co., Ltd. is a domestic data security, network security and security services provider of three major business. There is an information leakage vulnerability in the Data Leakage Protection DLP system of Beijing Yisetong Technology Development Co., Ltd. that...

Ski & bike helmets protect your head, not location or voice

TL;DR Livall smart ski and bike helmet app leaks the wearers real time position Group audio chat allows snooping on conversations Both issues are due to missing authorisation Bike app affects 1 million users, ski app affects a few thousand users Fixed by the vendor, but after we had to call on a...

ROS-2-136

2.136 Notification on update of the Anti-Malware Protection System "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your...

Siemens SIPROTEC 5 输入验证错误漏洞

SIPROTEC 5 devices offer a range of functions for integrating protection, control, measurement and automation in substations and other applications. An information disclosure vulnerability exists in Siemens SIPROTEC 5, which can be exploited by an attacker to read device information...

Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

Summary The Cybersecurity and Infrastructure Security Agency CISA has consistently observed Chinese Ministry of State Security MSS-affiliated cyber threat actors using publicly available information sources and common, well-known tactics, techniques, and procedures TTPs to target U.S. Government...

Chinese Government-affiliated Malicious Cyber Actors Targeting U.S. Government Agencies

The Cybersecurity and Infrastructure Security Agency CISA and Federal Bureau of Investigation FBI have issued an advisory about Chinese Ministry of State Security MSS-affiliated cyber threat actors targeting U.S. government agencies. Through the National Cybersecurity Protection System, CISA has...

Scan Interference

Scan interference is best defined as when traffic from our scanners gets blocked, filtered, dropped, or modified in response to some sort of active protection system not recognizing our traffic. Once our scanners are flagged as an intruder, the clients environment is no longer accessible, which...

CQU-LANKERS Cross-Site Scripting Vulnerability

CQU-LANKERS is a system of university community services. A cross-site scripting vulnerability exists in the public/api.php file in CQU-LANKERS 2017-11-02 and earlier versions, which can be exploited by remote attackers to bypass the Web Application Protection System with the help of the 'callbac...

Security Bulletin: IBM Security Network Protection System CPU utilization (CVE-2014-0963)

Summary IBM Security Network Protection System is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase. Vulnerability Details CVE ID: CVE-2014-0963 DESCRIPTION: IBM Security Network Protection System is affect...

CVE-2017-3756

A privilege escalation vulnerability was identified in Lenovo Active Protection System for ThinkPad systems versions earlier than 1.82.0.17. An attacker with local privileges could execute code with administrative privileges via an unquoted service path...