Yokogawa Electric Vnet/IP Interface 安全漏洞

Yokogawa Electric Vnet/IP Interface is a real-time control network interface developed by Yokogawa Electric Corporation. Versions of Yokogawa Electric Vnet/IP Interface prior to R1.07.00 contained a security vulnerability. This vulnerability stemmed from the handling of malicious data packets,...

Linux Distros Unpatched Vulnerability : CVE-2020-37167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode interpreter that allows attackers to...

Alibaba Cloud Linux 3 : 0031: freerdp (ALINUX3-SA-2026:0031)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0031 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-23530: FreeRDP is a free...

CVE-2026-0619

A reachable infinite loop via an integer wraparound is present in Silicon Labs' Matter SDK which allows an attacker to trigger a denial of service. A hard reset is required to recover the device...

CVE-2026-25748

authentik is an open-source identity provider. Prior to 2025.10.4 and 2025.12.4, with a malformed cookie it was possible to bypass authentication when using forward authentication in the authentik Proxy Provider when used in conjunction with Traefik or Caddy as reverse proxy. When a malicious...

CVE-2025-67432

A stack overflow in the ZBarcodeEncode function of Monkeybread Software MBS DynaPDF Plugin v21.3.1.1 allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-13004

Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables. This issue affects E-Commerce Package: through 27112025...

CVE-2025-9986

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vadi Corporate Information Systems Ltd. Co. DIGIKENT allows Excavation.This issue affects DIGIKENT: through 13092025...

CVE-2025-13004

Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables. This issue affects E-Commerce Package: through 27112025...

CVE-2025-13002

CVE-2025-13002 concerns an XSS in Farktor Software’s E-Commerce Package (E-Commerce Services Inc.). The issue arises from Improper Neutralization of Input During Web Page Generation and affects versions up to 27112025. The CVSS‑3.1 vector is AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H with a base score o...

CVE-2025-13002

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting XSS. This issue affects E-Commerce Package: through 27112025...

CVE-2025-13002 XSS in Farktor Software's E-Commerce Package

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting XSS. This issue affects E-Commerce Package: through 27112025...

CVE-2025-13002 XSS in Farktor Software's E-Commerce Package

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting XSS. This issue affects E-Commerce Package: through 27112025...

CVE-2025-10969 SQLi in Farktor Software's E-Commerce Package

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection. This issue affects E-Commerce Package: through 27112025...

CVE-2025-10969 SQLi in Farktor Software's E-Commerce Package

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection. This issue affects E-Commerce Package: through 27112025...

CVE-2025-10969

CVE-2025-10969 is a SQL Injection vulnerability in Farktor Software E-Commerce Package (through 27112025). The issue arises from improper neutralization of special elements in SQL commands, enabling Blind SQL Injection. CVSS v3.1 base score is 9.8 (CRITICAL) with NETWORK attack vector, no privile...

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Other Devices

Apple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address a zero-day flaw that it said has been exploited in sophisticated cyber attacks. The vulnerability, tracked as CVE-2026-20700 CVSS score: 7.8, has been described as a memory corruption issue in dyl...

CVE-2025-67432

A stack overflow in the ZBarcodeEncode function of Monkeybread Software MBS DynaPDF Plugin v21.3.1.1 allows attackers to cause a Denial of Service DoS via a crafted input...

A Bootiful Podcast: Java Champion and hilarious friend, Richard Fichtner

Hi, Spring fans! I've been waiting for this episode for so long! Today, we're finally joined by my friend Richard Fichtner, who so took pity on my plight waiting for music to be added to the GraalVM that his company, XDev Software, created the music-maven-plugin, the best Maven plugin, ever! This...

Nikto Web Scanner 2.6.0

Nikto is an Open Source GPL web server scanner which performs comprehensive tests against web servers for multiple items, including thousands of potentially dangerous files/programs, checks for outdated versions of over 1500 server components, and version specific problems on hundreds of servers...