CVE-2026-7594

A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function imageto3dasync of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The exploit is now public...

CVE-2019-7594

Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a hardcoded RC2 key for certain encryption operations involving the Site Management Portal SMP...

CVE-2025-7594

creationtimestamp| type| source ---|---|--- 2025-09-09 20:51:38+00:00| seen| MISP/e0a0042d-e47b-4875-b781-99d4428af3c2...

MAL-2025-7594 Malicious code in @crabas0npm/vel-incidunt-totam (npm)

The package @crabas0npm/vel-incidunt-totam was found to contain malicious code...

CVE-2025-7594

A vulnerability was found in code-projects Job Diary 1.0. It has been classified as critical. This affects an unknown part of the file /view-emp.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2025-7594 code-projects Job Diary view-emp.php sql injection

A vulnerability was found in code-projects Job Diary 1.0. It has been classified as critical. This affects an unknown part of the file /view-emp.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2025-7594 code-projects Job Diary view-emp.php sql injection

A vulnerability was found in code-projects Job Diary 1.0. It has been classified as critical. This affects an unknown part of the file /view-emp.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.8.1 Vulnerability Details CVEID:CVE-2024-27043 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvbregisterdevice, pdvbdev is set equal...

Linux Distros Unpatched Vulnerability : CVE-2017-7594

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OJPEGReadHeaderInfoSecTablesDcTable function in tifojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service memory leak via a crafted...

openSUSE Security Advisory (SUSE-SU-2024:3911-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-7594

creationtimestamp| type| source ---|---|--- 2024-09-26 23:01:41+00:00| seen| https://t.me/cvedetector/6457 2025-01-10 14:06:10+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1137...

CVE-2024-7594

A flaw was found in Hashicorp Vault. Vault’s SSH secrets engine did not require the validprincipals list to contain a value by default. If the validprincipals and defaultuser fields of the SSH secrets engine configuration are not set, an SSH certificate requested by an authorized user to Vault’s...

CVE-2024-7594

CVE-2024-7594 affects Vault’s SSH secrets engine. By default, if the fields valid_principals and default_user are not configured, an SSH certificate requested by an authorized user could authenticate as any user on the host. This is mitigated by upgrading to Vault Community Edition 1.17.6 or Vaul...

CVE-2024-7594 Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default

Vault’s SSH secrets engine did not require the validprincipals list to contain a value by default. If the validprincipals and defaultuser fields of the SSH secrets engine configuration are not set, an SSH certificate requested by an authorized user to Vault’s SSH secrets engine could be used to...

CVE-2024-7594 Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default

Vault’s SSH secrets engine did not require the validprincipals list to contain a value by default. If the validprincipals and defaultuser fields of the SSH secrets engine configuration are not set, an SSH certificate requested by an authorized user to Vault’s SSH secrets engine could be used to...

CVE-2023-34669

TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cstemodules/system which can reboot the system...

Denial of service

TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cstemodules/system which can reboot the system...

PT-2023-4559 · Totolink · Totolink Cp300+

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP300+ version V5.2cu.7594 Description: The issue is related to a Denial of Service vulnerability in the RebootSystem function of the file lib/cste modules/system, which can cause the system to reboot. This vulnerability is associate...

CVE-2023-34669

TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cstemodules/system which can reboot the system...

TOTOLINK CP300+ 安全漏洞

TOTOLINK CP300+ is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK CP300+ version V5.2cu.7594, which originates from a denial of service vulnerability in the RebootSystem function in the file lib/cstemodules/system, which results in a syst...