EUVD-2021-14515

Malware in sbrugna...

EUVD-2022-35896

Malicious code in bioql PyPI...

EUVD-2025-12522

Malicious code in bioql PyPI...

EUVD-2021-7224

Malicious code in bioql PyPI...

EUVD-2025-6193

Malicious code in bioql PyPI...

EUVD-2021-8894

Malicious code in bioql PyPI...

CVE-2020-3918

An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A local user may be able to view sensitive user information...

PT-2025-18668 · Gotenna · Gotenna

Name of the Vulnerable Software and Affected Versions: goTenna v1 devices with app 5.5.3 and firmware 0.25.5 Description: An issue was discovered where the GID, which is the user's phone number by default unless they opt out, is not encrypted in messages. This is sensitive information as it can b...

PT-2025-23209 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7.5 macOS versions prior to 14.7.5 macOS versions prior to 15.4 Description: An authentication issue was addressed with improved state management, which could allow an attacker with physical access to a locked devic...

CVE-2024-56494

IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system...

CVE-2024-6780

The CVE-2024-6780 entry concerns Android’s com.android.server.telecom component with improper permission control that may expose user information. Connected sources (RH and NVD/NVD-like feeds) confirm the affected software module but do not provide additional technical specifics such as exact vul...

CVE-2024-6780 Improper permission control in com.android.server.telecom

Improper permission control in the mobile application com.android.server.telecom may lead to user information security risks...

CVE-2024-6780 Improper permission control in com.android.server.telecom

Improper permission control in the mobile application com.android.server.telecom may lead to user information security risks...

CVE-2021-30910

Technical details for CVE-2021-30910 are not publicly available in the provided documents. Monitor for updates from the connected sources.

Centreon 19.10.5 - Pollers Remote Command Execution

Centreon 19.10.5 - Pollers Remote Command Execution Exploit Title: Centreon 19.10.5 - 'Pollers' Remote Command Execution Date: 2020-01-27 Exploit Author: Omri Baso, Fabien Aunay Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested...

FBI Releases Article on Privacy Risks Associated with Internet-Connected Children's Toys

The Federal Bureau of Investigation FBI has released an article on the privacy risks associated with Internet-connected children's toys. FBI warns that Internet-connected toys may contain "sensors, microphones, cameras, data storage components, and other multimedia capabilities - including speech...

AdaptCMS Lite 1.3 - Blind SQL Injection

!/usr/bin/perl ----------------------------------------------------- AdaptCMS Lite post$host.'/includes/checkuser.php', username = $param ; if$post-issuccess return 38 unless $post-content = /yes/i; my @chars = 48..57, 97..102; for0..32 foreach my $set@chars $send = "' or asciisubstringselect...

Multiple web browsers do not properly interpret BASE and FORM elements when displaying URLs in the status bar

Overview Multiple web browsers do not properly display the location of HTML documents in the status bar. An attacker could exploit this behavior to mislead users into revealing sensitive information. Description Web browsers frequently display the Uniform Resource Locator URL in the status bar wh...