Aggregator

CVE-2026-31256 | Mercury MIPC252W 1.0.5 Build 230306 Rel.79931n RTSP Service Transport null pointer dereference

VulDB Recent Entries
2 weeks 5 days ago
A vulnerability marked as problematic has been reported in Mercury MIPC252W 1.0.5 Build 230306 Rel.79931n. This affects an unknown part of the component RTSP Service. The manipulation of the argument Transport leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2026-31256. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com

CVE-2026-31255 | Tenda AC18 15.03.05.05_multi /goform/SetSambaCfg guestuser command injection

VulDB Recent Entries
2 weeks 5 days ago
A vulnerability labeled as critical has been found in Tenda AC18 15.03.05.05_multi. Affected by this issue is some unknown functionality of the file /goform/SetSambaCfg. Executing a manipulation of the argument guestuser can lead to command injection. This vulnerability is handled as CVE-2026-31255. The attack can be executed remotely. There is not any exploit available.
vuldb.com

CVE-2021-36438 | SourceCodester Online Job Portal phppdo 1.0 /jobportal/index.php Category sql injection

VulDB Recent Entries
2 weeks 5 days ago
A vulnerability identified as critical has been detected in SourceCodester Online Job Portal phppdo 1.0. Affected by this vulnerability is an unknown functionality of the file /jobportal/index.php. Performing a manipulation of the argument Category results in sql injection. This vulnerability is known as CVE-2021-36438. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com

ADT Breach Exposes Data of 5.5 Million Customers, ShinyHunters Likely Behind Attack

Security Boulevard
2 weeks 5 days ago

The ShinyHunters extortion group is claiming responsibility for a breach of home and commercial security vendor ADT that exposed the data of 5.5 million customers. attack appears to be part of a larger and ongoing vishing campaign being run by the prolific threat actors.

The post ADT Breach Exposes Data of 5.5 Million Customers, ShinyHunters Likely Behind Attack appeared first on Security Boulevard.

Jeffrey Burt

[un]prompted 2026 – Exploring The Al Automation Boundary

Security Boulevard
2 weeks 5 days ago

Author, Creator & Presenter: Arthi Nagarajan, Software Engineer for Internal Threat Detection At Datadog

Our thanks to [un]prompted for publishing their Creators, Authors and Presenter’s outstanding [un]prompted 2026 AI Security Practitioner content on the Organizations' YouTube Channel.

Permalink

The post [un]prompted 2026 – Exploring The Al Automation Boundary appeared first on Security Boulevard.

Marc Handelman

CVE-2006-5956 | XLineSoft PHPRunner 3.1 windir%\phprunner.ini cleartext storage (BID-21054 / SA22863)

Vuldb Updates
2 weeks 5 days ago
A vulnerability labeled as problematic has been found in XLineSoft PHPRunner 3.1. This affects an unknown function of the file windir%\phprunner.ini. Executing a manipulation can lead to cleartext storage of sensitive information. This vulnerability is handled as CVE-2006-5956. It is possible to launch the attack on the local host. Additionally, an exploit exists. Additional authentication should be implemented.
vuldb.com

CVE-2006-5959 | Web Inhabit A+ Store E-Commerce browse.asp ParentID sql injection (XFDB-30283 / BID-21092)

Vuldb Updates
2 weeks 5 days ago
A vulnerability classified as critical has been found in Web Inhabit A+ Store E-Commerce. Affected by this vulnerability is an unknown functionality of the file browse.asp. This manipulation of the argument ParentID causes sql injection. The identification of this vulnerability is CVE-2006-5959. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

Managed ad