Aggregator

CVE-2026-30566 | SourceCodester Sales and Inventory System 1.0 Parameter view_customers.php limit cross site scripting

VulDB Recent Entries
2 weeks 3 days ago
A vulnerability categorized as problematic has been discovered in SourceCodester Sales and Inventory System 1.0. Impacted is an unknown function of the file view_customers.php of the component Parameter Handler. Such manipulation of the argument limit leads to cross site scripting. This vulnerability is traded as CVE-2026-30566. The attack may be launched remotely. There is no exploit available.
vuldb.com

CVE-2026-30564 | SourceCodester Sales and Inventory System 1.0 Parameter view_payments.php limit cross site scripting

VulDB Recent Entries
2 weeks 3 days ago
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file view_payments.php of the component Parameter Handler. This manipulation of the argument limit causes cross site scripting. This vulnerability appears as CVE-2026-30564. The attack may be initiated remotely. There is no available exploit.
vuldb.com

Passkeys Hit Critical Mass: Microsoft Auto-Enables for Millions, 87% of Companies Deploy as Passwords Near End-of-Life

Security Boulevard
2 weeks 3 days ago

March 2026 marks passwordless tipping point: Microsoft forces passkey migration, regulatory deadlines hit, and adoption surges to 69% of consumers.

The post Passkeys Hit Critical Mass: Microsoft Auto-Enables for Millions, 87% of Companies Deploy as Passwords Near End-of-Life appeared first on Security Boulevard.

Deepak Gupta - Tech Entrepreneur, Cybersecurity Author

BSidesSLC 2025 – Start – Recon – Exploit: A Framework for Desktop App Pentesting

Security Boulevard
2 weeks 3 days ago

Author, Creator & Presenter: Santiago Gimenez Ocano & Ryan Syed Security Engineers At Praetorian

Our thanks to BSidesSLC for publishing their Creators, Authors and Presenter’s outstanding BSidesSLC 2025 content on the Organizations' YouTube Channel.

Permalink

The post BSidesSLC 2025 – Start – Recon – Exploit: A Framework for Desktop App Pentesting appeared first on Security Boulevard.

Marc Handelman

CVE-2026-28528 | BlueKitchen BTstack up to 1.8.0 AVRCP Browsing Target attr_id out-of-bounds (EUVD-2026-17089)

VulDB Recent Entries
2 weeks 3 days ago
A vulnerability was found in BlueKitchen BTstack up to 1.8.0. It has been declared as problematic. This vulnerability affects unknown code of the component AVRCP Browsing Target Handler. The manipulation of the argument attr_id results in out-of-bounds read. This vulnerability is reported as CVE-2026-28528. The attacker must have access to the local network to execute the attack. No exploit exists. It is recommended to upgrade the affected component.
vuldb.com

CVE-2026-28527 | BlueKitchen BTstack up to 1.8.0 AVRCP Controller out-of-bounds (EUVD-2026-17087)

VulDB Recent Entries
2 weeks 3 days ago
A vulnerability was found in BlueKitchen BTstack up to 1.8.0. It has been classified as problematic. This affects the function GET_PLAYER_APPLICATION_SETTING_ATTRIBUTE_TEXT/GET_PLAYER_APPLICATION_SETTING_VALUE_TEXT of the component AVRCP Controller. The manipulation leads to out-of-bounds read. This vulnerability is documented as CVE-2026-28527. The attack requires being on the local network. There is not any exploit available. Upgrading the affected component is recommended.
vuldb.com

CVE-2026-28526 | BlueKitchen BTstack up to 1.8.0 AVRCP Controller Count out-of-bounds (EUVD-2026-17085)

VulDB Recent Entries
2 weeks 3 days ago
A vulnerability was found in BlueKitchen BTstack up to 1.8.0 and classified as problematic. Affected by this issue is the function LIST_PLAYER_APPLICATION_SETTING_ATTRIBUTES/LIST_PLAYER_APPLICATION_SETTING_VALUES of the component AVRCP Controller. Executing a manipulation of the argument Count can lead to out-of-bounds read. This vulnerability is registered as CVE-2026-28526. The attack requires access to the local network. No exploit is available. It is suggested to upgrade the affected component.
vuldb.com

Managed ad