PT-2026-43576

Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors...

PYSEC-2025-34

The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.getservercertificate can exfiltrate data via DNS after deserialization...

DEBIAN-CVE-2022-31085

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the session files include the LDAP user name and password in clear text if the PHP OpenSSL extension is not installed or encryption is disabled by...

Momentum Axel 720P DNS Hijacking Vulnerability

The Momentum Axel 720P is a dual-band HD camera that supports WiFi connectivity. A security vulnerability exists in the Momentum Axel 720P version 5.1.8, which stems from the program's lack of SSL authentication. A remote attacker can exploit the vulnerability by hijacking DNS to upgrade the...

Google News and Weather application for Android security bypass vulnerability

Google News and Weather application for Android is a mobile application for the Android operating system based on the American company Google Google. The program supports pushing news and weather forecasts, etc. A security vulnerability exists in the Google News and Weather application for Androi...