CVE Alert: CVE-2025-1078
Vulnerability Summary: CVE-2025-1078 A vulnerability has been found in AppHouseKitchen AlDente Charge Limiter up to 1.29 on macOS and classified...
Month: February 2025
CVE Alert: CVE-2024-57427
Vulnerability Summary: CVE-2024-57427 PHPJabbers Cinema Booking System v2.0 is vulnerable to reflected cross-site scripting (XSS). Multiple endpoints improperly handle user...
CVE Alert: CVE-2025-24981
Vulnerability Summary: CVE-2025-24981 MDC is a tool to take regular Markdown and write documents interacting deeply with a Vue component....
CVE Alert: CVE-2024-13416
Vulnerability Summary: CVE-2024-13416 Using API in the 2N OS device, authorized user can enable logging, which discloses valid authentication tokens...
CVE Alert: CVE-2024-57523
Vulnerability Summary: CVE-2024-57523 Cross Site Request Forgery (CSRF) in Users.php in SourceCodester Packers and Movers Management System 1.0 allows attackers...
CVE Alert: CVE-2025-22992
Vulnerability Summary: CVE-2025-22992 A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project >= 11.6.9. The vulnerability...
CVE Alert: CVE-2025-22867
Vulnerability Summary: CVE-2025-22867 On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the...
HackerOne Bug Bounty Disclosure: error-page-content-spoofing-or-text-injection-mcblockchamp
Company Name: XVIDEOS Company HackerOne URL: https://hackerone.com/xvideos Submitted By:mcblockchampLink to Submitters Profile:https://hackerone.com/mcblockchamp Report Title:Error Page Content Spoofing or Text InjectionReport...
HackerOne Bug Bounty Disclosure: cve-netrc-and-default-credential-leak-sherlock
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:sherlock2010Link to Submitters Profile:https://hackerone.com/sherlock2010 Report Title:CVE-2025-0167: netrc and default credential leakReport Link:https://hackerone.com/reports/2917232Date...
HackerOne Bug Bounty Disclosure: cve-django-potential-sql-injection-in-haskey-lhs-rhs-on-oracle-scyoon
Company Name: Internet Bug Bounty Company HackerOne URL: https://hackerone.com/ibb Submitted By:scyoonLink to Submitters Profile:https://hackerone.com/scyoon Report Title:CVE-2024-53908: Django Potential SQL injection...
HackerOne Bug Bounty Disclosure: cve-eventfd-double-close-ankomcoper
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:ankomcoperLink to Submitters Profile:https://hackerone.com/ankomcoper Report Title:CVE-2025-0665: eventfd double closeReport Link:https://hackerone.com/reports/2954286Date Submitted:07 February...
CISA: Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software
Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software CISA is collaborating with private industry partners to respond...
[RANSOMHUB] – Ransomware Victim: teamues[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: teamuescom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-24786
Vulnerability Summary: CVE-2025-24786 WhoDB is an open source database management tool. While the application only displays Sqlite3 databases present in...
CVE Alert: CVE-2025-24787
Vulnerability Summary: CVE-2025-24787 WhoDB is an open source database management tool. In affected versions the application is vulnerable to parameter...
CVE Alert: CVE-2024-52892
Vulnerability Summary: CVE-2024-52892 IBM Jazz for Service Management 1.1.3 through 1.1.3.23 is vulnerable to cross-site scripting. This vulnerability allows an...
CVE Alert: CVE-2024-47256
Vulnerability Summary: CVE-2024-47256 Successful exploitation of this vulnerability could allow an attacker (who needs to have Admin access privileges) to...
CVE Alert: CVE-2024-47258
Vulnerability Summary: CVE-2024-47258 2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle...
CVE Alert: CVE-2024-13417
Vulnerability Summary: CVE-2024-13417 Specifically crafted payloads sent to the RFID reader could cause DoS of RFID reader. After the device...
CVE Alert: CVE-2025-0158
Vulnerability Summary: CVE-2025-0158 IBM EntireX 11.1 could allow a local user to cause a denial of service due to an...
CVE Alert: CVE-2024-56467
Vulnerability Summary: CVE-2024-56467 IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error...
CVE Alert: CVE-2025-1081
Vulnerability Summary: CVE-2025-1081 A vulnerability was found in Bharti Airtel Xstream Fiber up to 20250123. It has been rated as...
CVE Alert: CVE-2024-54171
Vulnerability Summary: CVE-2024-54171 IBM EntireX 11.1 is vulnerable to an XML external entity injection (XXE) attack when processing XML data....
[FUNKSEC] – Ransomware Victim: iaaglobal[.]org
Ransomware Group: FUNKSEC VICTIM NAME: iaaglobalorg NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
