WordPress plugin DesignThemes Directory Addon 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

CVE-2021-22488

There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups...

CVE-2023-53896

D-Link DAP-1325 firmware version 1.01 contains a broken access control vulnerability that allows unauthenticated attackers to download device configuration settings without authentication. Attackers can exploit the /cgi-bin/ExportSettings.sh endpoint to retrieve sensitive configuration informatio...

EUVD-2020-13258

Malware in sbrugna...

EUVD-2018-17242

Malware in sbrugna...

EUVD-2021-23571

Malware in sbrugna...

EUVD-2023-31349

Malicious code in bioql PyPI...

EUVD-2023-36739

Malicious code in bioql PyPI...

EUVD-2022-49921

Malicious code in bioql PyPI...

EUVD-2025-8285

Malicious code in bioql PyPI...

EUVD-2022-42681

Malicious code in bioql PyPI...

EUVD-2023-38265

Malicious code in bioql PyPI...

EUVD-2022-51213

Malicious code in bioql PyPI...

EUVD-2023-45369

Malicious code in bioql PyPI...

Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 50. Security issues fixed: Oracle July 15 2025 CPU bsc1247754. CVE-2025-30749: heap corruption allows unauthenticated attacker with network access to compromise and takeover Java applications th...

CVE-2025-26709

CVE-2025-26709 affects ZTE F50 with an unauthorized access vulnerability due to improper permission control in the Web module interface. The root cause is insufficient access controls, allowing an attacker with adjacent access and low exploit complexity to obtain sensitive information via the Web...

CVE-2025-52950

A Missing Authorization vulnerability in Juniper Networks Security Director allows an unauthenticated network-based attacker to read or tamper with multiple sensitive resources via the web interface. Numerous endpoints on the Juniper Security Director appliance do not validate authorization and...

CVE-2025-1699

An incorrect default permissions vulnerability was reported in the MotoSignature application that could result in unauthorized access...

Mattermost Unauthorized Access Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an unauthorized access vulnerability that stems from improper cleaning of Google OAuth credentials, which can be exploited by an attacker to cause unauthorized access...

CVE-2023-22481

FreshRSS is a self-hosted RSS feed aggregator. When using the greader API, the provided password is logged in clear in users//logapi.txt in the case where the authentication fails. The issues occurs in authorizationToUser in greader.php. If there is an issue with the request or the credentials,...