MiracleLinux 7 : freerdp-2.1.1-2.el7 (AXSA:2020-625:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-625:05 advisory. freerdp: Out of bound read in cliprdrserverreceivecapabilities CVE-2020-11018 freerdp: Out of bound read/write in usb redirection channel...

CVE-2025-67015

Incorrect access control in Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem with firmware v2.5.1 allows attackers to change the Administrator password and escalate privileges via sending a crafted POST request to /Forms/adminaccess1...

PT-2025-53595

Name of the Vulnerable Software and Affected Versions Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem version 2.5.1 Description A flaw in access control within the Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem firmware allows attackers to modify the Administrator passwor...

CVE-2025-67015

CVE-2025-67015 affects the Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem with firmware v2.5.1. Root cause is improper access control that lets an unauthenticated attacker modify the Administrator password and escalate privileges by sending a crafted POST to /Forms/admin_access_1. Im...

EUVD-2019-11889

Malware in sbrugna...

EUVD-2017-9292

Malware in sbrugna...

EUVD-2017-9308

Malware in sbrugna...

EUVD-2017-7263

Malware in sbrugna...

EUVD-2018-5844

Malware in sbrugna...

EUVD-2018-17679

Malware in sbrugna...

EUVD-2019-11935

Malware in sbrugna...

EUVD-2017-9410

Malware in sbrugna...

GitHub Security Lab: [Java]: CWE-625 - Query to detect regex dot bypass

This bug was reported directly to GitHub Security Lab...

Check Point Response to CVE-2021-36299, CVE-2021-36300, CVE-2021-36301, CVE-2021-20235 - Dell iDRAC9 Vulnerabilities

Cause CVE-2021-36299 - An SQL injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information disclosure or denial of service by supplying specially crafted input data to the affected application. CVE-2021-36300 -...

CVE-2019-2332

Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607,...

CVE-2019-2246

Thread start can cause invalid memory writes to arbitrary memory location since the argument is passed by user to kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9205, MDM9640, MSM8996AU, QCA6574,...

CVE-2019-10529

Possible use after free issue due to race condition while attempting to mark the entry pages as dirty using function setpagedirty in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

CVE-2019-10534

Null-pointer dereference can occur while accessing the super index entry when it is not been allocated in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W,...

CVE-2019-10512

Payload size is not checked before using it as array index in audio in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in...

CVE-2019-10533

Out of bound access due to improper validation of array index cause the index table entry to get corrupt in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W,...