Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 U…

Internet Shortcut Files Security Feature Bypass Vulnerability

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 t…

SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability…

An issue was discovered on D-Link DIR-601 2.02NA devices. Being local to the network and having…

A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in po…

7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypas…

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can di…

A sandbox bypass vulnerability involving crafted constructor bodies in Jenkins Script Security …

SmartScreen Prompt Security Feature Bypass Vulnerability

Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers c…

Suricata before 4.0.4 is prone to an HTTP detection bypass vulnerability in detect.c and stream…

Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via form…

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a secur…

Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofi…

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 1…

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a se…

The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3…

Windows Mark of the Web Security Feature Bypass Vulnerability

When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI c…

Windows Mark of the Web Security Feature Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installation…

In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memo…

Grand MA 300 allows retrieval of the access PIN from sniffed data.

An issue was discovered in BT CTROMS Terminal OS Port Portal CT-464. Account takeover can occur…

Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper…

UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 (P4410-V2–1.34H) has a…

Wireless IP Camera (P2P) WIFICAM devices rely on a cleartext UDP tunnel protocol (aka the Cloud…

Microsoft Publisher Security Feature Bypass Vulnerability

An unauthenticated attacker can update the hostname with a specially crafted name that will all…

Minetest is a free open-source voxel game engine with easy modding and game creation. In **sing…

Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026…

In FiberHome VDSL2 Modem HG150-Ub_V3.0, Credentials of Admin are submitted in URL, which can be…

SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure fla…

Visual Studio Remote Code Execution Vulnerability

One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), whi…

Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Manag…

The TikTok (formerly Musical.ly) application 12.2.0 for Android and iOS performs unencrypted tr…

Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to a…

A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras …