142 matches found
CVE-2026-4009
A vulnerability has been found in jarikomppa soloud up to 20200207. Impacted is the function drwavreadpcmframess16msadpcm in the library src/audiosource/wav/drwav.h of the component WAV File Parser. The manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploi...
CVE-2026-4009
creationtimestamp| type| source ---|---|--- 2026-03-12 07:16:11+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-4009 2026-03-12 08:47:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgtzaq43542n...
MiracleLinux 8 : xorg-x11-server-1.20.11-5.el8, xorg-x11-server-Xwayland-21.1.3-2.el8 (AXSA:2022-3547:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3547:01 advisory. xorg-x11-server: SProcRenderCompositeGlyphs out-of-bounds access CVE-2021-4008 xorg-x11-server: SProcXFixesCreatePointerBarrier out-of-bounds access...
TencentOS Server 3: xorg-x11-server-Xwayland (TSSA-2022:0228)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0228 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2025-4009 Unauthenticated Arbitrary Command Injection in Evertz SDVN
The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...
CVE-2024-36441
Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker use a port-2101 TCP connection to gain access to operation messages that are received by the device...
CVE-2024-36442
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to gain access to arbitrary files on the device's file system...
CVE-2024-36445
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain a root shell via TELNET without authentication...
CVE-2024-36444
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an unauthenticated attacker to gain access to device logs...
CVE-2022-4009
In affected versions of Octopus Deploy it is possible for a user to introduce code via offline package creation...
CVE-2018-4009
An exploitable privilege escalation vulnerability exists in the Shimo VPN helper service due to improper validation of code signing. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine to successfully exploit th...
CVE-2024-36441
Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker use a port-2101 TCP connection to gain access to operation messages that are received by the device...
CVE-2024-36442
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to gain access to arbitrary files on the device's file system...
CVE-2024-36444
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an unauthenticated attacker to gain access to device logs...
CVE-2024-36439
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain access to the administrative web interface via the device password's hash value, without knowing the actual device password...
CVE-2024-36440
An issue was discovered on Swissphone DiCal-RED 4009 devices. An attacker with access to the file /etc/deviceconfig may recover the administrative device password via password-cracking methods, because unsalted MD5 is used...
CVE-2024-36443
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain read access to almost the whole file system via anonymous FTP...
CVE-2024-36440
An issue was discovered on Swissphone DiCal-RED 4009 devices. An attacker with access to the file /etc/deviceconfig may recover the administrative device password via password-cracking methods, because unsalted MD5 is used...
CVE-2024-36442
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to gain access to arbitrary files on the device's file system...
PT-2024-27004 · Swissphone · Swissphone Dical-Red 4009
Name of the Vulnerable Software and Affected Versions: Swissphone DiCal-RED 4009 devices affected versions not specified Description: The issue allows an unauthenticated attacker to gain access to device logs through the cgi-bin/fdmcgiwebv2.cgi endpoint on Swissphone DiCal-RED 4009 devices...