CVE-2026-33280

Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands...

CVE-2026-26959

ADB Explorer is a fluent UI for ADB on Windows. Versions 0.9.26020 and below fail to validate the integrity or authenticity of the ADB binary path specified in the ManualAdbPath setting before executing it, allowing arbitrary code execution with the privileges of the current user. An attacker can...

Meatmeet Pro BBQ Thermometer 安全漏洞

Meatmeet Pro BBQ Thermometer is an advanced smart thermometer from Meatmeet. A security vulnerability exists in the Meatmeet Pro BBQ Thermometer that stems from an undisabled JTAG debugging interface, which could lead to malicious firmware flashing and unauthorized network access...

Siemens Spectrum Power 安全漏洞

Siemens Spectrum Power is an energy management system from Siemens Germany. A security vulnerability exists in Siemens Spectrum Power 4 versions prior to V4.70 SP12 Update 2, which originates from an exposed debugging interface on the local host and may result in local elevation of privilege...

Lenovo Legion Space 安全漏洞

Lenovo Legion Space is an application from Lenovo China developed specifically for Legion to help you manage game resources and purchase games. A security vulnerability exists in Lenovo Legion Space, which stems from an open debugging interface and could lead to the execution of arbitrary code...

PikPak 安全漏洞

PikPak is a private online disk. A security vulnerability exists in PikPak v1.29.2, which stems from information leakage through the debugging interface...

Dell BIOS 安全漏洞

Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, USA. A security vulnerability exists in Dell BIOS. An attacker could exploit this vulnerability to read system information through the debugging interface...

fastrack Reflex 安全漏洞

The fastrack Reflex is a smart wearable device from fastrack. A security vulnerability exists in fastrack Reflex version 2.0 W307SREFLEXv90.89, which stems from a vulnerability that could allow a physically proximate attacker to dump the firmware, flash customized malicious firmware, and brick th...

Goldshell ASIC Miners 安全漏洞

Goldshell ASIC Miners is a mining host from the Chinese company Goldshell. A security vulnerability exists in Goldshell ASIC Miners v2.2.1 and below, which stems from a debugging interface that was found to be publicly exposed on a web interface, allowing an attacker to access passwords and other...

Shining a Light on SolarCity: Practical Exploitation of the X2e IoT Device (Part One)

In 2019, Mandiant’s Red Team discovered a series of vulnerabilities present within Digi International’s ConnectPort X2e device, which allows for remote code execution as a privileged user. Specifically, Mandiant’s research focused on SolarCity’s now owned by Tesla rebranded ConnectPort X2e device...

Resourcexpress Qubi3 Information Disclosure Vulnerability

Resourcexpress Qubi3 is a conference room booking device from Resourcexpress UK. A security vulnerability exists in QED ResourceXpress Qubi3 prior to version 1.40.9, which can be exploited by an attacker to obtain sensitive information through the debugging interface...

Command Execution Vulnerability in Network Debugging Interface of Tianqing Security Isolation and Information Exchange System

Tianqing Security Isolation and Information Exchange System is the access control switch equipment with network isolation technology independently developed by Qixing Information Technology Co., Ltd, which provides high security isolation protection for key data. A command execution vulnerability...

Information Disclosure Vulnerability in Multiple Intel Products (CNVD-2018-15595)

Intel Xeon Scalable processors, etc. are central processing unit CPU products of the U.S. company Intel. A security vulnerability exists in the UEFI setting restriction for DCI in several Intel products. The vulnerability can be exploited by an attacker to access sensitive information on the...

Medtronic MyCareLink Patient Monitor Exposes Dangerous Method or Function Vulnerability

MyCareLink Patient Monitor is a patient monitor product developed by Medtronic, Inc. The Medtronic MyCareLink Patient Monitor has an Exposed Danger Method or Function vulnerability that can be exploited by an attacker with physical access to the device to access debugging functions of the monitor...

OnePlus 3 and 3T OxygenOS security bypass vulnerability

The OnePlus 3 and 3T are both smartphones from China's OnePlus Technology OnePlus.OxygenOS is the operating system that comes with the device. A security bypass vulnerability exists in OxygenOS in OnePlus 3 and 3T. An attacker can exploit the vulnerability to open an ADB session and disclose...

CVE-2016-6406

Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, and 10.0.0-125 on Email Security Appliance ESA devices, when Enrollment Client before 1.0.2-065 is installed, allows remote attackers to obtain root access via a connection to the testing/debuggin...

Apple OS X Kernel Information Disclosure Vulnerability

Apple OS X is a specialized operating system developed by Apple for Mac computers. kernel is one of the kernel components. A security vulnerability exists in the debugging interface of the Kernel in Apple OS X 10.10.5 and earlier versions. A local attacker could exploit this vulnerability to obta...

Microsoft Frontpage Server buffer overflow

Buffer overflow in remote debugging interface...