EUVD-2023-59800

Malicious code in bioql PyPI...

CVE-2025-39798

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix the setting of capabilities when automounting a new filesystem Capabilities cannot be inherited when we cross into a new filesystem. They need to be reset to the minimal defaults, and then probed for again...

CVE-2025-0796

The Mortgage Lead Capture System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.2.10. This is due to missing or incorrect nonce validation on the 'wprequalresetdefaults' action. This makes it possible for unauthenticated attackers to reset...

PT-2025-6800 · WordPress · Mortgage Lead Capture System

Name of the Vulnerable Software and Affected Versions: Mortgage Lead Capture System plugin for WordPress versions up to, and including, 8.2.10 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the wprequal reset defaults action. This...

CVE-2022-24930

An Improper access control vulnerability in StRetailModeReceiver in Wear OS 3.0 prior to Firmware update MAR-2022 Release allows untrusted applications to reset default app settings without a proper permission...

CVE-2019-13379

On AVTECH Room Alert 3E devices before 2.2.5, an attacker with access to the device's web interface may escalate privileges from an unauthenticated user to administrator by performing a cmd.cgi?action=ResetDefaults&src=RA reset and using the default credentials to get in...