CVE-2025-64724 Arduino IDE for macOS has Insecure File Permissions

Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS is installed with world-writable file permissions on sensitive application components, allowing any local user to replace legitimate files with malicious code. When another user launches the...

EUVD-2020-11847

Malware in sbrugna...

EUVD-2024-54894

Malicious code in bioql PyPI...

EUVD-2024-54900

Malicious code in bioql PyPI...

EUVD-2025-25346

Malicious code in bioql PyPI...

EUVD-2024-54905

Malicious code in bioql PyPI...

EUVD-2024-48503

Malicious code in bioql PyPI...

EUVD-2024-0065

Malicious code in bioql PyPI...

CVE-2025-57219

Incorrect access control in the endpoint /goform/ate of Tenda AC10 v4.0 firmware v16.03.10.09multiTDE01 allows attackers to escalate privileges or access sensitive components via a crafted request...

Tenda AC10 安全漏洞

Tenda AC10 is a dual-band Gigabit wireless router launched by Shenzhen Jixiang Tenda Technology Co., Ltd, mainly for 200M and above fiber optic users. Tenda AC10 suffers from an improper access control vulnerability, which originates from improper access control of the /goform/ate endpoint, and c...

CVE-2024-53494

Incorrect access control in the preHandle function of SpringBootBlog v1.0.0 allows attackers to access sensitive components without authentication...

CVE-2024-53496

Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...

CVE-2024-53496

Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...

CVE-2024-53494

Incorrect access control in the preHandle function of SpringBootBlog v1.0.0 allows attackers to access sensitive components without authentication...

CVE-2025-28041

Incorrect access control in the doFilter function of itranswarp up to 2.19 allows attackers to access sensitive components without authentication...

CVE-2024-53495

Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...

CVE-2024-53496

The CVE-2024-53496 entry concerns my-site v1.0.2.RELEASE, where an incorrect access control in the doFilter function can allow an unauthenticated user to reach sensitive components. The issue is characterized as high-risk (CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U with C/H/I/A = High; base score 9.8). So...

CVE-2024-53496

Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...

PT-2025-34470 · My-Site · My-Site

Name of the Vulnerable Software and Affected Versions: my-site version 1.0.2.RELEASE Description: An incorrect access control issue exists in the doFilter function, allowing attackers to access sensitive components without authentication. Recommendations: Apply updates to address the access contr...

CVE-2024-53496

Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...