Unified Remote Access Control Vulnerability

Unified Remote is a smartphone application that allows a phone to act as a wireless universal remote control. Version 3.9.0.2463 of Unified Remote has a access control vulnerability, which stems from improper handling of specially crafted network packets, potentially leading to remote code...

CVE-2023-54330

Inbit Messenger versions 4.6.0 to 4.9.0 contain a remote stack-based buffer overflow vulnerability that allows unauthenticated attackers to execute arbitrary code by sending malformed network packets. Attackers can craft a specially designed payload targeting the messenger's network handler to...

CVE-2025-40893 HTML injection in Asset List in Guardian/CMC before 25.5.0

A Stored HTML Injection vulnerability was discovered in the Asset List functionality due to improper validation of network traffic data. An unauthenticated attacker can send specially crafted network packets to inject HTML tags into asset attributes. When a victim views the affected assets in the...

CVE-2025-11546

CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUSTER X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, CLUSTERPRO X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, EXPRESSCLUSTER X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 allows an attacker sends...

EUVD-2019-9221

Malware in sbrugna...

EUVD-2022-31720

Malicious code in bioql PyPI...

PT-2025-34045 · Tenda · Tenda Ac6

Name of the Vulnerable Software and Affected Versions: Tenda AC6 version V02.03.01.110 Description: An information disclosure issue exists in the /goform/getproductInfo functionality. Specially crafted network packets can lead to the disclosure of sensitive information. An attacker can send packe...

CVE-2018-16559

A vulnerability has been identified in SIMATIC S7-1500 CPU All versions = V2.0 and V2.5, SIMATIC S7-1500 CPU All versions = V1.8.5. Specially crafted network packets sent to port 80/tcp or 443/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the device...

CVE-2024-39754

A static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of network packets can lead to root access. An attacker can send packets to trigger this vulnerability...

Magma 安全漏洞

Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma suffers from a type obfuscation vulnerability that can be exploited by attackers to execute arbitrary code or cause a denial of...

CVE-2024-39754

A static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of network packets can lead to root access. An attacker can send packets to trigger this vulnerability...

WAVLINK AC3000 安全漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a static login vulnerability that can be exploited by attackers to cause root access via specially crafted network packets...

AutomationDirect P3-550E 缓冲区错误漏洞

The AutomationDirect P3-550E is a programmable control system PLC from AutomationDirect USA. A buffer error vulnerability exists in AutomationDirect P3-550E version 1.2.10.9. An attacker could exploit this vulnerability to cause heap-based memory corruption via specially crafted network packets...

AutomationDirect P3-550E 缓冲区错误漏洞

The AutomationDirect P3-550E is a programmable control system PLC from AutomationDirect USA. A buffer error vulnerability exists in AutomationDirect P3-550E version 1.2.10.9. An attacker could exploit this vulnerability to cause heap-based memory corruption via specially crafted network packets...

AutomationDirect P3-550E 缓冲区错误漏洞

The AutomationDirect P3-550E is a programmable control system PLC from AutomationDirect USA. A buffer error vulnerability exists in AutomationDirect P3-550E version 1.2.10.9. An attacker could exploit this vulnerability to cause heap-based memory corruption via specially crafted network packets...

AutomationDirect P3-550E 缓冲区错误漏洞

The AutomationDirect P3-550E is a programmable control system PLC from AutomationDirect USA. A buffer error vulnerability exists in AutomationDirect P3-550E version 1.2.10.9. An attacker could exploit this vulnerability to cause a denial of service via specially crafted network packets...

CVE-2023-45586

An insufficient verification of data authenticity vulnerability CWE-345 in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13...

CVE-2023-25181

A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted set of network packets can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2023-22365

An OS command injection vulnerability exists in the ysthirdparty checksystemuser functionality of Milesight UR32L v32.3.0.5. A specially crafted set of network packets can lead to command execution. An attacker can send a network request to trigger this vulnerability...

CVE-2022-41007

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...