EUVD-2025-37935

Zitadel is an open source identity management platform. Versions 4.0.0-rc.1 through 4.6.2 are vulnerable to secure Direct Object Reference IDOR attacks through its V2Beta API, allowing authenticated users with specific administrator roles within one organization to access and modify data belongin...

CVE-2025-64431

The CVE-2025-64431 issue concerns Zitadel’s Organization V2Beta API, where IDOR flaws allow an authenticated administrator of one organization to read or modify data of other organizations. Affected versions are Zitadel 4.0.0-rc.1 through 4.6.2. The root cause is improper authorization checks acr...

NewStart CGSL MAIN 6.02 : gupnp Multiple Vulnerabilities (NS-SA-2022-0060)

The remote NewStart CGSL host, running version MAIN 6.02, has gupnp packages installed that are affected by multiple vulnerabilities: - The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different...

NewStart CGSL CORE 5.04 / MAIN 5.04 : gupnp Vulnerability (NS-SA-2021-0115)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gupnp packages installed that are affected by a vulnerability: - An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to...

Important: gupnp

Issue Overview: A flaw was found in gupnp. DNS rebinding can occur when a victim's browser is used by a remote web server to trigger actions against local UPnP services including data exfiltration, data tempering, and other exploits. The highest threat from this vulnerability is to data...

SUSE SLED15 / SLES15 Security Update : gupnp (SUSE-SU-2021:2153-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2153-1 advisory. - An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this...

SUSE SLED12 / SLES12 Security Update : gupnp (SUSE-SU-2021:2080-1)

The remote SUSE Linux SLED12 / SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2080-1 advisory. - An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this...

CVE-2021-33516

A flaw was found in gupnp. DNS rebinding can occur when a victim's browser is used by a remote web server to trigger actions against local UPnP services including data exfiltration, data tempering, and other exploits. The highest threat from this vulnerability is to data confidentiality and...

CVE-2021-33516

An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected...

CVE-2021-33516

An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected...

Code injection

An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected...

DoJ charges man for hacking, tempering with public water facility

By Deeba Ahmed According to a DoJ, Travnichek was accused of hacking a public water facility's computer and tampering with the local water supply system. This is a post from HackRead.com Read the original post: DoJ charges man for hacking, tempering with public water facility...

[Download Hash Verifier] Quickly Verify Integrity (MD5/SHA256 Hash) of Downloaded File

Download Hash Verifier is the FREE tool to verify the integrity of your downloaded file. It makes file hash verification easier and quicker with its smart features such as 'Auto Hash Detection', 'Drag & Drop File', 'Instant copy from Clipboard' etc Hash verification is a standard mechanism used t...