182 matches found
Intelbras TIP 200/200 LITE/300 - Local File Inclusion
Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 65.61.75.22 are vulnerable to local file inclusion via the 'page' parameter in /cgi-bin/cgiServer.exx, allowing unauthenticated attackers to read arbitrary files such as /etc/passwd. id: CVE-2020-13886 info: name: Intelbras TIP...
EUVD-2026-30142
When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected; to mitigate easily, add the desired mask usually /128 to the addresses. Only auth proxy is affected; Okta, SAML, LDAP, etc are unaffected here...
CVE-2026-40880
The CVE-2026-40880 issue affects Zebra (Zcash node) prior to Zebrad 4.3.1 and zebra-consensus 5.0.2. A logic error in Zebra’s transaction verification cache allowed a malicious miner to exploit height-dependent validity (e.g., an expiry height or upgrade) by submitting a transaction valid at heig...
GHSA-XVJ8-PH7X-65GF Zebra: Cached Mempool Verification Bypasses Consensus Rules for Ahead-of-Tip Blocks
CVE-2026-40880: Cached Mempool Verification Bypasses Consensus Rules for Ahead-of-Tip Blocks Summary A logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By carefully submitting a transaction that is valid for height H+1 but invalid fo...
Zebra: Cached Mempool Verification Bypasses Consensus Rules for Ahead-of-Tip Blocks
CVE-2026-40880: Cached Mempool Verification Bypasses Consensus Rules for Ahead-of-Tip Blocks Summary A logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By carefully submitting a transaction that is valid for height H+1 but invalid fo...
CVE-2026-3101
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted earl...
CVE-2026-3101
CVE-2026-3101 affects Intelbras TIP 635G (firmware 1.12.3.5) with a flaw in the Ping Handler that enables OS command injection. The issue can be triggered remotely and, according to the connected documents, exploits have been made public (PoC maturity noted). Vendors have not responded to disclos...
EUVD-2026-8470
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted earl...
CVE-2026-3101 Intelbras TIP 635G Ping os command injection
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted earl...
CVE-2026-3101 Intelbras TIP 635G Ping os command injection
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted earl...
Intelbras TIP 635G 操作系统命令注入漏洞
The Intelbras TIP 635G is an IP phone produced by the Brazilian company Intelbras. Version 1.12.3.5 of the Intelbras TIP 635G contains a vulnerability related to operating system command injection. This vulnerability stems from a flaw in the Ping Handler component, which may allow for OS command...
ICE Is Using Palantir’s AI Tools to Sort Through Tips
ICE has been using an AI-powered Palantir system to summarize tips sent to its tip line since last spring, according to a newly released Homeland Security document...
CVE-2025-11767 Tips Shortcode <= 0.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Tips Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tip' shortcode in all versions up to, and including, 0.2.1. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...
CVE-2025-11767
CVE-2025-11767 affects the WordPress plugin Tips Shortcode. The vulnerability is a Stored Cross-Site Scripting (XSS) via the shortcode in all versions up to 0.2.1, caused by insufficient input sanitization and output escaping. It requires an authenticated attacker with contributor-level access o...
PT-2025-47678
The Tips Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tip' shortcode in all versions up to, and including, 0.2.1. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...
EUVD-2006-6513
Malware in sbrugna...
EUVD-2006-6514
Malware in sbrugna...
EUVD-2020-6094
Malware in sbrugna...
EUVD-2024-45854
Malicious code in bioql PyPI...
EUVD-2024-37390
Malicious code in bioql PyPI...