CVE-2025-11575

CVE-2025-11575 affects MongoDB Atlas SQL ODBC driver for Windows, with an Incorrect Default Permissions issue that could allow Privilege Escalation. Affected versions are 1.0.0 through 2.0.0. The documents do not provide explicit exploitation details or a published fix/remediation; additional spe...

H3C Magic M安全漏洞

H3C Magic M is a series of wireless routers from China's Xinhua San H3C. A security vulnerability exists in H3C Magic M. The vulnerability stems from the use of hard-coded weak passwords or unset passwords in the firmware, which could allow an attacker to gain maximum root privileges via Telnet...

MongoDB Atlas SQL ODBC driver installation via MSI may leave ACLs unset on custom installation directories

Incorrect Default Permissions vulnerability in MongoDB Atlas SQL ODBC driver on Windows allows Privilege Escalation.This issue affects MongoDB Atlas SQL ODBC driver: from 1.0.0 through 2.0.0...

CVE-2025-11535

MongoDB Connector for BI installation via MSI on Windows leaves ACLs unset on custom install directories allows Privilege Escalation.This issue affects MongoDB Connector for BI: from 2.0.0 through 2.14.24...

CVE-2025-11535

CVE-2025-11535 affects MongoDB Connector for BI (Windows MSI installs) and is caused by ACLs not being set on custom installation directories, enabling local privilege escalation. Affected versions: 2.0.0–2.14.24. Reported by multiple sources (Red Hat, NVD, CNNVD, etc.). Impact is described as hi...

CVE-2025-11535 MongoDB Connector for BI installation MSI leave ACLs unset on custom installation directories

MongoDB Connector for BI installation via MSI on Windows leaves ACLs unset on custom install directories allows Privilege Escalation.This issue affects MongoDB Connector for BI: from 2.0.0 through 2.14.24...

EUVD-2025-33270

MongoDB Connector for BI installation via MSI on Windows leaves ACLs unset on custom install directories allows Privilege Escalation.This issue affects MongoDB Connector for BI: from 2.0.0 through 2.14.24...

EUVD-2007-5287

Malware in sbrugna...

EUVD-2006-3014

Malware in sbrugna...

EUVD-2006-4454

Malware in sbrugna...

CVE-2025-61587

Weblate is a web based localization tool. An open redirect exists in versions 5.13.2 and below via the redir parameter on .within.website when Weblate is configured with Anubis and REDIRECTDOMAINS is not set. An attacker can craft a URL on the legitimate domain that redirects a victim to an...

EUVD-2025-5220

Malicious code in bioql PyPI...

EUVD-2022-52429

Malicious code in bioql PyPI...

SUSE CVE-2025-59538

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. For versions 2.9.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.6 and 3.0.17, when the webhook.azuredevops.username and webhook.azuredevops.password are not set in the default configuration, the /api/webhook endpoi...

CVE-2025-61587 Weblate integration with Anubis can lead to Open Redirect via redir parameter

Weblate is a web based localization tool. An open redirect exists in versions 5.13.2 and below via the redir parameter on .within.website when Weblate is configured with Anubis and REDIRECTDOMAINS is not set. An attacker can craft a URL on the legitimate domain that redirects a victim to an...

CVE-2025-61587

CVE-2025-61587 affects Weblate (web-based localization tool). Open redirect in versions 5.13.2 and below via the redir parameter when Weblate is configured with Anubis and REDIRECT_DOMAINS is not set. An attacker can craft a URL on the legitimate domain that redirects victims to attacker-controll...

PT-2025-40305

Name of the Vulnerable Software and Affected Versions Weblate versions 5.13.2 and below Description Weblate is a web-based localization tool. An open redirect exists via the redir parameter on the '.within.website' endpoint when Weblate is configured with Anubis and REDIRECT DOMAINS is not set. A...

PT-2025-39165

Name of the Vulnerable Software and Affected Versions Novakon P series version P – V2001.A.C518o2 Description A default or missing password for the root user allows physical attackers to easily access the console. This impacts the Novakon P series devices. Recommendations Set a strong password fo...

CVE-2025-10491

The MongoDB Windows installation MSI may leave ACLs unset on custom installation directories allowing a local attacker to introduce executable code to MongoDB's process via DLL hijacking. This issue affects MongoDB Server v6.0 version prior to 6.0.25, MongoDB Server v7.0 version prior to 7.0.21 a...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from unset sensor-adev, which could lead to null pointer dereferencing...