91 matches found
CVE-2026-5401
A flaw was found in Wireshark. An attacker could craft a malicious network trace file that, when opened by a user, would trigger a crash in the AFP Spotlight protocol dissector. This vulnerability leads to a denial of service, making the application unavailable. Mitigation To mitigate this issue,...
EUVD-2025-27037
Malicious code in bioql PyPI...
CVE-2025-26443
In parseHtml of HtmlToSpannedParser.java, there is a possible way to install apps without allowing installation from unknown sources due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
CVE-2025-26443
In parseHtml of HtmlToSpannedParser.java, there is a possible way to install apps without allowing installation from unknown sources due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
CVE-2025-26443
In parseHtml of HtmlToSpannedParser.java, there is a possible way to install apps without allowing installation from unknown sources due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
CVE-2025-26443
In parseHtml of HtmlToSpannedParser.java, there is a possible way to install apps without allowing installation from unknown sources due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
CVE-2025-26443
In parseHtml of HtmlToSpannedParser.java, there is a possible way to install apps without allowing installation from unknown sources due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
addftool (>=0.2.7 <=0.3.1), autonet-cumulus (>=0.2.0 <=0.2.1) +19 more potentially affected by unknown CVE via parallel-ssh (>=2.12.0 <=2.9.0)
parallel-ssh PYPI version =2.12.0, =0.2.7, =0.2.0, =0.8.1.post1, =0.8.1.post1, =0.8.1.post1, =0.8.3.dev180, =0.11.0, =0.4.2, =2.1.1b1, =0.13.0a1, =0.14.1, =0.5.2, =0.1.0, =0.2.0, =1.0.0, =1.0.14 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-PARALLELSSH-8688146...
PT-2024-34653 · Ampache · Ampache
Name of the Vulnerable Software and Affected Versions: Ampache versions prior to 7.0.1 Description: The current implementation of token parsing in Ampache does not adequately validate CSRF tokens when users send messages to one another. This issue could be exploited to forge CSRF attacks, allowin...
SUSE CVE-2024-51990
jj, or Jujutsu, is a Git-compatible VCS written in rust. In affected versions specially crafted Git repositories can cause jj to write files outside the clone. This issue has been addressed in version 0.23.0. Users are advised to upgrade. Users unable to upgrade should avoid cloning repos from...
CVE-2024-51990 Path traversal via crafted Git repositories in jj
jj, or Jujutsu, is a Git-compatible VCS written in rust. In affected versions specially crafted Git repositories can cause jj to write files outside the clone. This issue has been addressed in version 0.23.0. Users are advised to upgrade. Users unable to upgrade should avoid cloning repos from...
CVE-2024-51990 Path traversal via crafted Git repositories in jj
jj, or Jujutsu, is a Git-compatible VCS written in rust. In affected versions specially crafted Git repositories can cause jj to write files outside the clone. This issue has been addressed in version 0.23.0. Users are advised to upgrade. Users unable to upgrade should avoid cloning repos from...
CVE-2024-51990 Path traversal via crafted Git repositories in jj
jj, or Jujutsu, is a Git-compatible VCS written in rust. In affected versions specially crafted Git repositories can cause jj to write files outside the clone. This issue has been addressed in version 0.23.0. Users are advised to upgrade. Users unable to upgrade should avoid cloning repos from...
CVE-2023-50920
creationtimestamp| type| source ---|---|--- 2024-01-12 09:26:43+00:00| seen| https://t.me/ctinow/167150 2024-01-19 08:17:08+00:00| seen| https://t.me/ctinow/170096 2024-02-02 09:06:43+00:00| seen| https://t.me/ctinow/177988 2025-06-17 16:41:20+00:00| published-proof-of-concept|...
Gigabud RAT Android Banking Malware Targets Institutions Across Countries
Account holders of over numerous financial institutions in Thailand, Indonesia, Vietnam, the Philippines, and Peru are being targeted by an Android banking malware called Gigabud RAT. "One of Gigabud RAT's unique features is that it doesn't execute any malicious actions until the user is authoriz...
PT-2022-2679 · Pjsip +3 · Pjsip +3
Name of the Vulnerable Software and Affected Versions: PJSIP versions 2.12 and prior Description: The issue is related to a denial-of-service condition that occurs when handling WAV files. It affects 32-bit systems using PJSIP to play or read invalid WAV files, specifically when reading WAV file...
Widespread FluBot and TeaBot Malware Campaigns Targeting Android Devices
Researchers from the Bitdefender Mobile Threats team said they have intercepted more than 100,000 malicious SMS messages attempting to distribute Flubot malware since the beginning of December. "Findings indicate attackers are modifying their subject lines and using older yet proven scams to enti...
More Stealthier Version of BrazKing Android Malware Spotted in the Wild
Banking apps from Brazil are being targeted by a more elusive and stealthier version of an Android remote access trojan RAT that's capable of carrying out financial fraud attacks by stealing two-factor authentication 2FA codes and initiating rogue transactions from infected devices to transfer...
Pig in a poke: smartphone adware
Our support team continues to receive more and more requests from users complaining about intrusive ads on their smartphones from unknown sources. In some cases, the solution is quite simple. In others, the task is far harder: the adware plants itself in the system partition, and trying to get ri...
MyBB CVE-2019-20225 Open Redirection Vulnerability
Description MyBB is prone to an open-redirection vulnerability. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks...