Malicious code in patria-pecel98-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae218d13ca900da3ef80ea9b1af73020942e48b5215344250b3e33c28af65911 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in putri-brongkos79-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26d27bb95d23616f3499eecc4e132f6339442d082af1c7a0fb17fb8e267b8008 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in utomo-buburayam5-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cba44464d6c8c99125a1a99254bcab6c0ab7abb718251dee868ddd8adbdeec5b The package utomo-buburayam5-breki was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...

Malicious code in budi-tahutek23-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e97b95cd1c26b6f862554cee708de04997a2001cb48117ef6bc4fdb97821a020 The package budi-tahutek23-breki was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flood...

MAL-2025-50995 Malicious code in bayu-rojak1-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1ff4250b003babbee8f88462f24f61d0f214de96e068c004812a7cbbc691b51 The package bayu-rojak1-miaww was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flooded...

CVE-2025-61956

Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions, such as admin access and API requests. Attackers can modify configurations without authentication, potentially manipulating active runway settings and misleading air traffic control ATC and pilots...

CVE-2025-61956

Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions, such as admin access and API requests. Attackers can modify configurations without authentication, potentially manipulating active runway settings and misleading air traffic control ATC and pilots...

CVE-2025-61956

Radiometrics VizAir is affected by a lack of authentication for critical functions (admin panel and REST API). This could allow an unauthenticated attacker to modify configurations and weather data, potentially manipulating active runway settings, misleading air traffic control and pilots, and ca...

PT-2025-45018

Name of the Vulnerable Software and Affected Versions Radiometrics VizAir affected versions not specified Description Radiometrics VizAir lacks authentication mechanisms for critical functions, including admin access and API requests. This allows attackers to modify configurations without...

CVE-2025-4952

Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration...

CVE-2025-4952 Denial-of-service vulnerability in ESET security products for Windows

Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration...

PT-2025-44622

Name of the Vulnerable Software and Affected Versions ESET security products for Windows affected versions not specified Description Tampering with registry entries could prevent ESET security products from starting correctly upon the next system startup or result in unauthorized changes to the...

PT-2025-44153

Name of the Vulnerable Software and Affected Versions TropOS 4th Gen affected versions not specified Description An authenticated user with the ability to run user level shell commands can enable access via secure shell SSH to an unrestricted root shell by making minor configuration changes to th...

CVE-2025-58778

Multiple versions of RG-EST300 provided by Ruijie Networks provide SSH server functionality. It is not documented in the manual, and enabled in the initial configuration. Anyone with the knowledge of the related credentials can log in to the affected device, leading to information disclosure,...

Rockwell Automation Comms-1783-NATR Cross-Site Request Forgery Vulnerability

Rockwell Automation Comms-1783-NATR is an industrial Ethernet address translation device from Rockwell Automation. The Rockwell Automation Comms-1783-NATR suffers from a cross-site request forgery vulnerability that can be exploited by an attacker to cause a specially crafted link to trick a...

CVE-2025-58778

Multiple versions of RG-EST300 provided by Ruijie Networks provide SSH server functionality. It is not documented in the manual, and enabled in the initial configuration. Anyone with the knowledge of the related credentials can log in to the affected device, leading to information disclosure,...

CVE-2025-58778

CVE-2025-58778 concerns Ruijie Networks RG-EST300 devices, where an undocumented SSH server feature is enabled by default in the initial configuration. The vulnerability allows anyone with the relevant credentials to log in, potentially leading to information disclosure, unauthorized changes to s...

CVE-2025-58778

Multiple versions of RG-EST300 provided by Ruijie Networks provide SSH server functionality. It is not documented in the manual, and enabled in the initial configuration. Anyone with the knowledge of the related credentials can log in to the affected device, leading to information disclosure,...

CVE-2025-58778

Multiple versions of RG-EST300 provided by Ruijie Networks provide SSH server functionality. It is not documented in the manual, and enabled in the initial configuration. Anyone with the knowledge of the related credentials can log in to the affected device, leading to information disclosure,...

Ruijie RG-EST300 安全漏洞

The Ruijie RG-EST300 is a wireless bridge device from Ruijie, China. A security vulnerability exists in the Ruijie RG-EST300 that stems from the SSH server feature not being documented in the manual and enabled in the initial configuration, which could lead to information disclosure, system...