7068 matches found
CVE-2026-57782
Missing Authorization vulnerability in PressTigers Universal Clocks universal-clocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Universal Clocks: from n/a through = 1.2.0...
CVE-2026-57782
CVE-2026-57782 concerns the WordPress plugin Universal Clocks (
CVE-2026-57782 WordPress Universal Clocks plugin <= 1.2.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in PressTigers Universal Clocks universal-clocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Universal Clocks: from n/a through = 1.2.0...
CVE-2026-10668
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2026-39246
creationtimestamp| type| source ---|---|--- 2026-07-11 00:31:42+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdfxmi2yn2s...
FTP Fetch, Reverse TCP Stager with UUID Support (Windows x64)
Fetch and execute an x64 payload from an FTP server. Connect back to the attacker with UUID Support Windows x64 Module Options msf use payload/cmd/windows/ftp/x64/meterpreter/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set ACTION msf...
FTP Fetch, Windows Upload/Execute, Reverse TCP Stager with UUID Support
Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/ftp/x86/upexec/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set...
Malicious code in stella-coder (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0c3ed879ef15a68d537ad7b6ddb59508aba58eee49c8ca19b916ef59a0c2da6 stella-cli/telegram-bot.mjs hardcodes a Telegram bot API token BOTTOKEN = "8923551485:AAFw4wG8ZwOtp5rzFsnguxhu4AH-2ebSi0" that is controlled by the...
CVE-2026-56690
creationtimestamp| type| source ---|---|--- 2026-07-10 12:32:05+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mqc5qu5luq2o 2026-07-10 12:53:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqc6wpo2tm2i 2026-07-10 16:49:16+00:00| seen|...
CVE-2026-15170
creationtimestamp| type| source ---|---|--- 2026-07-09 14:35:14+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mq7u64nhfe25...
CVE-2026-15169
A flaw was found in Wireshark. This vulnerability allows a remote attacker to cause a denial of service DoS by sending a specially crafted Universal Mobile Telecommunications System UMTS FP protocol packet. The flaw resides in the UMTS FP protocol dissector, which can lead to a crash of the...
[SECURITY] Fedora 44 Update: python-pendulum-3.2.0-1.fc44
Unlike other datetime libraries for Python, Pendulum is a drop-in replacement for the standard datetime class it inherits from it, so, basically, you can replace all your datetime instances by DateTime instances in you code. It also removes the notion of naive datetimes: each Pendulum instance is...
CVE-2026-29008 U-Boot 2026.04-rc3 Integer Underflow DoS via tcp_rx_state_machine()
U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcprxstatemachine function net/tcp.c that allows a network-adjacent attacker to crash the bootloader by sending a malformed TCP SYN+ACK packet with a manipulated data offset field causing payloadlen to become negative...
CVE-2026-54423
creationtimestamp| type| source ---|---|--- 2026-07-08 15:30:34+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mq5gs5iuht24 2026-07-10 05:00:29+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mqbeizh3yj2c 2026-07-10 05:41:51+00:00| seen|...
CVE-2026-36027
CVE-2026-36027 concerns Code27 Companion Hub SQ3A.220705.003.A1. The issue, described across the provided sources, allows a physically proximate attacker to execute arbitrary code via the USB debugging (ADB) / Android Debug Bridge components. The CVSS metrics indicate a physical attack vector wit...
PT-2026-56595
Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.6 Wireshark versions 4.4.0 through 4.4.16 Description A crash in the UMTS FP protocol dissector allows a denial of service. A dissector is a software component that breaks down network traffic into a...
kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing
A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...
CVE-2026-1433 uniFLOW Universal Login Manager (ULM) Standalone Improper Protection of Sensitive Information Leads to Information Disclosure
uniFLOW Universal Login Manager ULM Standalone contains an information disclosure vulnerability that may allow an authenticated administrator to access sensitive configuration information through the ULM Remote User Interface RUI. Exploitation requires administrative privileges and may disclose...
CVE-2026-1433
The CVE-2026-1433 issue affects uniFLOW Universal Login Manager (ULM) Standalone. An information disclosure vulnerability allows an authenticated administrator to access sensitive configuration data via the ULM Remote User Interface (RUI). The exposure can reveal SMTP/LDAP integration configurati...
EUVD-2026-41848
uniFLOW Universal Login Manager ULM Standalone contains an information disclosure vulnerability that may allow an authenticated administrator to access sensitive configuration information through the ULM Remote User Interface RUI. Exploitation requires administrative privileges and may disclose...