EUVD-2023-12790

Malicious code in bioql PyPI...

CVE-2025-59817

This vulnerability allows attackers to execute arbitrary commands on the underlying system. Because the web portal runs with root privileges, successful exploitation grants full control over the device, potentially compromising its availability, confidentiality, and integrity...

CVE-2025-59817 Authenticated Remote Code Execution in zForm_auto_config

This vulnerability allows attackers to execute arbitrary commands on the underlying system. Because the web portal runs with root privileges, successful exploitation grants full control over the device, potentially compromising its availability, confidentiality, and integrity...

CVE-2025-59817

CVE-2025-59817 is an authenticated remote code execution affecting Zenitel ICX500/ICX510 gateways (zForm_auto_config). The vulnerability allows an authenticated attacker to execute arbitrary commands on the device; the web portal runs with root privileges, enabling full control and impacting avai...

CVE-2025-59817 Authenticated Remote Code Execution in zForm_auto_config

This vulnerability allows attackers to execute arbitrary commands on the underlying system. Because the web portal runs with root privileges, successful exploitation grants full control over the device, potentially compromising its availability, confidentiality, and integrity...

CVE-2025-27037

Memory corruption while processing configdev IOCTL when camera kernel driver drops its reference to CPU buffers...

CVE-2025-9495

The Vitogate 300 web interface fails to enforce proper server-side authentication and relies on frontend-based authentication controls. This allows an attacker to simply modify HTML elements in the browser’s developer tools to bypass login restrictions. By removing specific UI elements, an attack...

Zenitel ICX500和Zenitel ICX510 安全漏洞

Zenitel ICX500 and Zenitel ICX510 are both communication and control platforms from Zenitel Norway. A security vulnerability exists in the Zenitel ICX500 and Zenitel ICX510 that originates from an attacker being able to execute arbitrary commands that could result in full control of the device...

PT-2025-39447

Name of the Vulnerable Software and Affected Versions Affected versions not specified Description This issue allows attackers to execute arbitrary commands on the underlying system. Successful exploitation grants full control over the device due to the web portal running with root privileges,...

CVE-2025-27037

CVE-2025-27037 affects Qualcomm chipsets due to a memory corruption issue in the camera subsystem. The root cause is described as memory corruption occurring while processing the config_dev IOCTL when the camera kernel driver drops its references to CPU buffers. Multiple sources consolidate this ...

CVE-2025-27037 Use After Free in Camera Driver

Memory corruption while processing configdev IOCTL when camera kernel driver drops its reference to CPU buffers...

Qualcomm Chipsets 资源管理错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A resource management error vulnerability exists in Qualcomm Chipsets that stems from memory corruption due to the camera kernel driver releasing CPU buffer references when processing the configdev IOCTL...

PT-2025-39275

Name of the Vulnerable Software and Affected Versions versions prior to 2025 Description A memory corruption issue exists when processing a config dev IOCTL within the camera kernel driver. This occurs when the driver releases its reference to CPU buffers. The issue could potentially allow for...

CVE-2025-9495

CVE-2025-9495 - Vitogate 300 Authentication Bypass : The Vitogate 300 web interface relies on frontend-based authentication controls and does not enforce proper server-side authentication. An attacker can modify HTML elements via browser developer tools to bypass login restrictions and reveal the...

PT-2025-39104

Name of the Vulnerable Software and Affected Versions Vitogate 300 affected versions not specified Description The web interface does not properly enforce server-side authentication, relying instead on frontend-based authentication controls. This allows an attacker to bypass login restrictions by...

Viessmann Vitogate 300 安全漏洞

Viessmann Vitogate 300 is a communication gateway from Viessmann, Germany. A security vulnerability exists in the Viessmann Vitogate 300 that stems from not implementing proper server-side authentication and relying on front-end authentication controls, which could allow an attacker to bypass log...

CVE-2025-57440

The Blackmagic ATEM Mini Pro 2.7 exposes an undocumented Telnet service on TCP port 9993, which accepts unauthenticated plaintext commands for controlling streaming, recording, formatting storage devices, and system reboot. This interface, referred to as the "ATEM Ethernet Protocol 1.0", provides...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly handle queues when signaling an interrupt to nbdstartdeviceioctl, which could result i...

D-Link DI-8400 yyxz.asp File Stack Buffer Overflow Vulnerability

The D-Link DI-8400 is an enterprise-class Internet behavior management router from D-Link for medium to large enterprise network environments. The D-Link DI-8400 suffers from a stack buffer overflow vulnerability that originates from a stack-based buffer overflow in the parameter ID of the functi...

D-Link DI-8400 安全漏洞

The D-Link DI-8400 is an enterprise-class Internet behavior management router from D-Link for medium to large enterprise network environments. The D-Link DI-8400 suffers from a stack buffer overflow vulnerability that originates from a stack-based buffer overflow in the parameter ID of the functi...