EUVD-2026-29459

CWE‑331 Insufficient Entropy vulnerability exists that could lead to unauthorized access when an attacker on the network can exploit weaknesses in session‑management protections...

CVE-2026-4827 Insufficient Entropy vulnerability on Multiple Products

CWE‑331: Insufficient Entropy vulnerability exists that could lead to unauthorized access when an attacker on the network can exploit weaknesses in session‑management protections...

Meatmeet Pro BBQ Thermometer 安全漏洞

Meatmeet Pro BBQ Thermometer is an advanced smart thermometer from Meatmeet. A security vulnerability exists in the Meatmeet Pro BBQ Thermometer version v1.0.34.4, which stems from the inclusion of hard-coded Wi-Fi credentials in the firmware, which could lead to unauthorized network access...

EUVD-2008-5316

Malware in sbrugna...

EUVD-2023-24394

Malicious code in bioql PyPI...

EUVD-2022-35590

Malicious code in bioql PyPI...

ExtremeGuest Essentials 安全漏洞

ExtremeGuest Essentials is a WiFi user access and analytics platform from Extreme. A security vulnerability exists in ExtremeGuest Essentials versions prior to 25.5.0, which stems from a misconfiguration of the mandatory portal and could lead to unauthorized network access...

CVE-2025-41713 WAGO: Vulnerability in hardware switch circuit

During a short time frame while the device is booting an unauthenticated remote attacker can send traffic to unauthorized networks due to the switch operating in an undefined state until a CPU-induced reset allows proper configuration...

Linux Distros Unpatched Vulnerability : CVE-2020-14792

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u271, 8u261,...

CVE-2025-55280 Information Disclosure Vulnerability in ZKTeco WL20

This vulnerability exists in ZKTeco WL20 due to storage of Wi-Fi credentials, configuration data and system data in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the...

CVE-2025-53755

This vulnerability exists in Digisol DG-GR6821AC Router due to storage of credentials and PINS without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the unencrypted dat...

Digisol DG-GR6821AC Router 安全漏洞

Digisol DG-GR6821AC Router is a WiFi router from Digisol India. A security vulnerability exists in the Digisol DG-GR6821AC Router that originates from the storage of unencrypted credentials and PINs in the firmware, which could lead to a physical access attacker gaining unauthorized network acces...

CVE-2022-3681

A vulnerability has been identified in the MR2600 router v1.0.18 and earlier that could allow an attacker within range of the wireless network to successfully brute force the WPS pin, potentially allowing them unauthorized access to a wireless network...

Initial Access Brokers Shift Tactics, Selling More for Less

What are IABs? Initial Access Brokers IABs specialize in gaining unauthorized entry into computer systems and networks, then selling that access to other cybercriminals. This division of labor allows IABs to concentrate on their core expertise: exploiting vulnerabilities through methods like soci...

CVE-2024-11449

A vulnerability in haotian-liu/llava version 1.2.0 LLaVA-1.6 allows for Server-Side Request Forgery SSRF through the /run/predict endpoint. An attacker can gain unauthorized access to internal networks or the AWS metadata endpoint by sending crafted requests that exploit insufficient validation o...

CVE-2024-11449 Server-Side Request Forgery in haotian-liu/llava

A vulnerability in haotian-liu/llava version 1.2.0 LLaVA-1.6 allows for Server-Side Request Forgery SSRF through the /run/predict endpoint. An attacker can gain unauthorized access to internal networks or the AWS metadata endpoint by sending crafted requests that exploit insufficient validation o...

Amazon Linux 2023 : java-21-amazon-corretto, java-21-amazon-corretto-devel, java-21-amazon-corretto-headless (ALAS2023-2024-751)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-751 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle...

Important: java-1.8.0-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.1...

CVE-2023-49722

Network port 8899 open in WiFi firmware of BCC101/BCC102/BCC50 products, that allows an attacker to connect to the device via same WiFi network...

Silicon Labs Gecko SDK Security Vulnerability

The Silicon Labs Gecko SDK GSDK is an open source library from Silicon Labs. Combines the Silicon Labs Wireless Software Development Kit SDK and the Gecko platform into one integrated package. A security vulnerability exists in Silicon Labs Gecko SDK v7.18.3 and prior versions, which stems from a...