53 matches found
MINI-GW72-97XX-8PV5
Bulletin has no description...
MINI-297P-CMC4-8H72
Bulletin has no description...
ELECOM WAB 代码问题漏洞
ELECOM WAB is a series of wireless access points produced by the ELECOM company in Japan. ELECOM WAB has a code vulnerability that stems from the lack of checking whether the language parameter has an appropriate value. This vulnerability may cause administrator pages to be displayed incorrectly ...
MINI-JC72-RF4W-99MP
Bulletin has no description...
GHSA-72C6-FX6Q-FR5W
creationtimestamp| type| source ---|---|--- 2026-04-16 15:20:04+00:00| seen| Telegram/YbTUbIPLh0mBIC2v2cs-sH-0kBWzIOZ-tc0xqHP7s3YdmQ...
CVE-2026-35594 Vikunja Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade
Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, Vikunja's link share authentication GetLinkShareFromClaims in pkg/models/linksharing.go constructs authorization objects entirely from JWT claims without any server-side database validation. When a project owner delet...
Vikunja: Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade
Title Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade Description Vikunja's link share authentication constructs authorization objects entirely from JWT claims without any server-side database validation. When a project owner deletes a link share or...
INTERPOL Operation Synergia III Shuts Down 45,000 Malicious IPs, 94 Arrested
INTERPOL’s Operation Synergia III led to 94 arrests and the takedown of 45,000 malicious IPs in 72 countries targeting phishing, malware, and fraud networks...
INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime
INTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and ransomware campaigns, as part of the agency's ongoing efforts to dismantle criminal networks, disrupt emerging threats, and safeguard victims from scams. The effor...
EUVD-2026-2072
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2022-26772
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges...
EUVD-2026-1772
EUVD-2026-1772...
Microsoft and Adobe Patch Tuesday, December 2025 Security Update Review
As the year winds down, Microsoft Patch Tuesday in December arrives with essential fixes and enhancements to close vulnerabilities and boost performance. Here's a quick breakdown of what you need to know. Microsoft Patch Tuesday for December 2025 This month's release addresses 72 vulnerabilities,...
Malicious code in eko-lutis72-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 853843399425b5291f683d1c13dcbd74d29e74cc8b550973e81446f9669d866f The package eko-lutis72-breki was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flooded...
EUVD-2025-34776
Strapi Password Hashing Missing Maximum Password Length Validation...
📄 ERPNext 15.67.0 / Frappe 15.72.4 Cross Site Scripting
ERPNext version 15.67.0 and Frappe version 15.72.4 suffer from a persistent cross site scripting vulnerability. CVE-2025-56379 — Stored Cross-Site Scripting XSS in ERPNext 15.67.0 / Frappe 15.72.4 📌 Summary A stored Cross‑Site Scripting XSS vulnerability exists in the Blog module of ERPNext...
CVE-2025-52048
In Frappe 15.x.x before 15.72.0 and 14.x.x before 14.96.10, in the function addtag at frappe/desk/doctype/tag/tag.py is vulnerable to SQL Injection, which allows an attacker to extract information from databases by injecting a SQL query into the dt parameter...
CVE-2019-17019
When Python was installed on Windows, a python file being served with the MIME type of text/plain could be executed by Python instead of being opened as a text file when the Open option was selected upon download. Note: this issue only occurs on Windows. Other operating systems are unaffected...
CVE-2015-9352
The wp-polls plugin before 2.72 for WordPress has SQL injection...
CVE-2025-22228
BCryptPasswordEncoder.matchesCharSequence,String will incorrectly return true for passwords larger than 72 characters as long as the first 72 characters are the same...