58 matches found
CVE-2026-50884
Incorrect access control in statping-ng v0.93.0 allows attackers to escalate privileges to Administrator and access sensitive components...
CVE-2026-50884
Incorrect access control in statping-ng v0.93.0 allows attackers to escalate privileges to Administrator and access sensitive components...
PT-2026-49325
Name of the Vulnerable Software and Affected Versions statping-ng version 0.93.0 Description Incorrect access control allows attackers to escalate privileges to Administrator and access sensitive components. Recommendations At the moment, there is no information about a newer version that contain...
CVE-2026-50884
CVE-2026-50884 affects statping-ng v0.93.0. Description: incorrect access control may allow attackers to escalate privileges to Administrator and access sensitive components. Documents list no public patch/version to mitigate or confirm exploitation details; no explicit root-cause technical speci...
CVE-2025-64724 Arduino IDE for macOS has Insecure File Permissions
Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS is installed with world-writable file permissions on sensitive application components, allowing any local user to replace legitimate files with malicious code. When another user launches the...
EUVD-2020-11847
Malware in sbrugna...
EUVD-2024-0065
Malicious code in bioql PyPI...
EUVD-2024-48503
Malicious code in bioql PyPI...
EUVD-2025-25346
Malicious code in bioql PyPI...
EUVD-2024-54894
Malicious code in bioql PyPI...
EUVD-2024-54900
Malicious code in bioql PyPI...
EUVD-2024-54905
Malicious code in bioql PyPI...
Tenda AC10 安全漏洞
Tenda AC10 is a dual-band Gigabit wireless router launched by Shenzhen Jixiang Tenda Technology Co., Ltd, mainly for 200M and above fiber optic users. Tenda AC10 suffers from an improper access control vulnerability, which originates from improper access control of the /goform/ate endpoint, and c...
CVE-2025-57219
Incorrect access control in the endpoint /goform/ate of Tenda AC10 v4.0 firmware v16.03.10.09multiTDE01 allows attackers to escalate privileges or access sensitive components via a crafted request...
CVE-2024-53494
Incorrect access control in the preHandle function of SpringBootBlog v1.0.0 allows attackers to access sensitive components without authentication...
CVE-2024-53496
Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...
CVE-2024-53496
Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...
CVE-2024-53494
Incorrect access control in the preHandle function of SpringBootBlog v1.0.0 allows attackers to access sensitive components without authentication...
CVE-2025-28041
Incorrect access control in the doFilter function of itranswarp up to 2.19 allows attackers to access sensitive components without authentication...
CVE-2024-53495
Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...