Медицинская лаборатория Гемотест (Gemotest)
6,341,495 records exposed — Dates of birth, Email addresses, Genders, Government issued IDs and 4 more
Latest Disclosures
Digiever DS-2105 Pro
Digiever DS-2105 Pro Missing Authorization Vulnerability — Digiever DS-2105 Pro contains a missing authorization vulnerability which could allow for command injection via time_tzsetup.cgi.
WIRED / Conde Nast
2.3M subscriber records leaked on hacking forum
WatchGuard Firebox
WatchGuard Firebox Out of Bounds Write Vulnerability — WatchGuard Fireware OS iked process contains an out of bounds write vulnerability in the OS iked process. This vulnerability may allow a remote unauthenticated attac
The Botting Network
96,320 records exposed — Dates of birth, Email addresses, Passwords, Usernames
AUTOSUR
487,226 records exposed — Email addresses, Names, Phone numbers, Physical addresses and 3 more
SonicWall SMA1000 appliance
SonicWall SMA1000 Missing Authorization Vulnerability — SonicWall SMA1000 contains a missing authorization vulnerability that could allow for privilege escalation appliance management console (AMC) of affected devices.
Cisco Multiple Products
Cisco Multiple Products Improper Input Validation Vulnerability — Cisco Secure Email Gateway, Secure Email, AsyncOS Software, and Web Manager appliances contains an improper input validation vulnerability that allows thr
Web Hosting Talk
515,149 records exposed — Email addresses, IP addresses, Passwords, Usernames
ASUS Live Update
ASUS Live Update Embedded Malicious Code Vulnerability — ASUS Live Update contains an embedded malicious code vulnerability client were distributed with unauthorized modifications introduced through a supply chain compro
Fortinet Multiple Products
Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability — Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signature vulner
Gladinet CentreStack and Triofox
Gladinet CentreStack and Triofox Hard Coded Cryptographic Vulnerability — Gladinet CentreStack and TrioFox contain a hardcoded cryptographic keys vulnerability for their implementation of the AES cryptoscheme. This vulne
Apple Multiple Products
Apple Multiple Products Use-After-Free WebKit Vulnerability — Apple iOS, iPadOS, macOS, and other Apple products contain a use-after-free vulnerability in WebKit. Processing maliciously crafted web content may lead to me
Sierra Wireless AirLink ALEOS
Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability — Sierra Wireless AirLink ALEOS contains an unrestricted upload of file with dangerous type vulnerability. A specially crafted H
Google Chromium
Google Chromium Out of Bounds Memory Access Vulnerability — Google Chromium contains an out of bounds memory access vulnerability in ANGLE that could allow a remote attacker to perform out of bounds memory access via a c
OSGeo GeoServer
OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability — OSGeo GeoServer contains an improper restriction of XML external entity reference vulnerability that occurs when the application accep
City of Mississauga (Ontario)
190K resident records exposed via compromised property tax and utility billing portal
Uber Technologies (2025)
1.8M driver records exposed via compromised background check vendor system
Philips Healthcare
560K patient device records compromised
Microsoft Windows
Microsoft Windows Use After Free Vulnerability — Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized attacker to elevate privileges locally.
RARLAB WinRAR
RARLAB WinRAR Path Traversal Vulnerability — RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the current user.
Discover Financial Services
520K card holder records exposed via vulnerability in mobile banking application
Vanderbilt University
190K student and medical center records exposed via ransomware on administrative systems
Array Networks ArrayOS AG
Array Networks ArrayOS AG OS Command Injection Vulnerability — Array Networks ArrayOS AG contains an OS command injection vulnerability that could allow an attacker to execute arbitrary commands.