CVE-2025-2848

A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write non-sensitive settings, and disable some non-critical functions...

CVE-2025-2848

A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write non-sensitive settings, and disable some non-critical functions...

CVE-2025-2848

A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write non-sensitive settings, and disable some non-critical functions...

CVE-2025-2848

CVE-2025-2848 affects Synology Mail Server. Multiple sources describe remote authenticated access that allows reading and writing non-sensitive settings and disabling some non-critical functions, with potential risks to mail configuration stability. PT-Security cites affected DSM versions before ...

EUVD-2025-201170

A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write non-sensitive settings, and disable some non-critical functions...

CVE-2025-2848

A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write non-sensitive settings, and disable some non-critical functions...

CVE-2025-2848

A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write non-sensitive settings, and disable some non-critical functions...

PT-2025-47086

Name of the Vulnerable Software and Affected Versions WeiYe-Jing datax-web versions up to 2.1.2 Description A flaw exists in the Job Handler component of WeiYe-Jing datax-web, specifically within the remove, update, pause, start, and triggerJob functions. This issue results in improper access...

EUVD-2007-5400

Malware in sbrugna...

CVE-2025-30126

CVE-2025-30126 concerns Marbella KR8s Dashcam FF 2.0.8. The vulnerability allows a remote attacker to access port 7777 without pairing or physical interaction and modify settings to disable recording, delete recordings, or disable battery protection, which can lead to a flat battery and the car b...

CVE-2025-30107

On IROAD V9 devices, Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unauthorized parties. A vulnerability in the dashcam's configuration management allows unauthorized users to modify settings, disable critical functions, and turn off battery...

PT-2024-24184 · Rizin · Rizin

Name of the Vulnerable Software and Affected Versions: rizin versions prior to 0.6.3 Description: The issue is related to a buffer overflow that can occur via the create cache bins, read cache accel, and rz dyldcache new buf functions in librz/bin/format/mach0/dyldcache.c. This can potentially le...

PT-2024-7236 · D Link · D-Link Dir-605L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-605L version 2.13B01 BETA Description: A critical issue has been found in the D-Link DIR-605L router's firmware, specifically affecting the formSetWAN Wizard51 and formSetWAN Wizard52 functions. This issue is related to a buffer...

PT-2024-29968 · Github · Actions/Artifact

Name of the Vulnerable Software and Affected Versions: actions/artifact versions 2.0.0 through 2.1.1 actions/artifact versions 2.1.2 through 2.1.6 Description: The issue concerns arbitrary file write when using downloadArtifactInternal, downloadArtifactPublic, or streamExtractExternal for...

PT-2024-29339 · Mmudb · Mmudb

Name of the Vulnerable Software and Affected Versions: mmudb version 1.9.3 Description: The issue concerns the use of the HTTP protocol in the ShowMetricsRaw and ShowMetricsAsText functions, which could allow attackers to intercept communications via a man-in-the-middle attack. Recommendations: F...

PT-2024-26786 · WordPress · Ubermenu

Name of the Vulnerable Software and Affected Versions: UberMenu plugin for WordPress versions up to, and including, 3.8.3 Description: The issue is due to missing or incorrect nonce validation on the ubermenu delete all item settings and ubermenu reset settings functions. This allows...

PT-2024-22873 · Unknown · Css Exfil Protection

Name of the Vulnerable Software and Affected Versions: CSS Exfil Protection version 1.1.0 Description: An issue in CSS Exfil Protection allows a remote attacker to obtain sensitive information via the content.js and parseCSSRules functions. Recommendations: For CSS Exfil Protection version 1.1.0,...

PT-2024-22528 · Pdf2Json · Pdf2Json

Name of the Vulnerable Software and Affected Versions: pdf2json version 0.70 Description: A buffer overflow issue allows a local attacker to execute arbitrary code via the GString::copy and ImgOutputDev::ImgOutputDev function. Recommendations: For pdf2json version 0.70, consider disabling the...

PT-2024-6486 · D Link · Dns-320L +18

Name of the Vulnerable Software and Affected Versions: D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 up to 20240814 Description: A...

PT-2024-4665 · Python +9 · Python +9

Name of the Vulnerable Software and Affected Versions: Python versions prior to 3.10.14 Python versions prior to 3.11.9 Python versions prior to 3.12.3 Python versions prior to 3.13.0a5 Description: A defect was discovered in the Python “ssl” module where there is a memory race condition with the...