PT-2026-29806

A flaw has been found in Trendnet TEW-657BRM 1.00.1. Affected by this vulnerability is the function vpn connect of the file /setup.cgi. Executing a manipulation of the argument policy name can lead to os command injection. The attack can be executed remotely. The exploit has been published and ma...

EUVD-2025-205573

A vulnerability was found in GreenCMS up to 2.3. This affects an unknown part of the file /DataController.class.php of the component File Handler. Performing manipulation of the argument sqlFiles/zipFiles results in path traversal. The attack can be initiated remotely. The exploit has been made...

EUVD-2024-47705

Malicious code in bioql PyPI...

UBUNTU-CVE-2025-8585

A vulnerability, which was classified as critical, has been found in libav up to 12.3. Affected by this issue is the function main of the file /avtools/avconv.c of the component DSS File Demuxer. The manipulation leads to double free. Attacking locally is a requirement. The exploit has been...

CVE-2025-8159

A vulnerability was found in D-Link DIR-513 1.0. It has been rated as critical. This issue affects the function formLanguageChange of the file /goform/formLanguageChange of the component HTTP POST Request Handler. The manipulation of the argument curTime leads to stack-based buffer overflow. The...

IcedTea: Multiple Vulnerabilities

Background IcedTea’s aim is to provide OpenJDK in a form suitable for easy configuration, compilation and distribution with the primary goal of allowing inclusion in GNU/Linux distributions. Description Multiple vulnerabilities have been discovered in IcedTea. Please review the CVE identifiers...

Slurm: Multiple Vulnerabilities

Background Slurm is a highly scalable resource manager. Description Multiple vulnerabilities have been discovered in Slurm. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at...

PT-2024-38953 · Unknown · Hfo4 Shudong-Share

Name of the Vulnerable Software and Affected Versions: HFO4 shudong-share version 2.4.7 Description: A critical vulnerability was found in the file /includes/fileReceive.php of the component File Extension Handler. The manipulation of the file argument leads to unrestricted upload. The attack can...

Sofia-SIP: Multiple Vulnerabilities

Background Sofia-SIP is an RFC3261 compliant SIP User-Agent library. Description Multiple vulnerabilities have been discovered in Sofia-SIP. Please review the CVE identifiers referenced below for details. Impact Multiple vulnerabilities have been discovered in Sofia-SIP. Please review the CVE...

PT-2024-6486 · D Link · Dns-320L +18

Name of the Vulnerable Software and Affected Versions: D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 up to 20240814 Description: A...

Apache Log4j: Multiple Vulnerabilities

Background Log4j is a Java logging framework that supports various use cases with a rich set of components, a separate API, and a performance-optimized implementation. Description Multiple vulnerabilities hav been discovered in Apache Log4j. Please review the CVE identifiers referenced below for...

GNAT Ada Suite: Remote Code Execution

Background The GNAT Ada Suite is an Ada development environment. Description A vulnerability has been discovered in GNAT Ada Suite. Please review the CVE identifier referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workarou...

GOCR: Multiple Vulnerabilities

Background GOCR is an OCR Optical Character Recognition program, developed under the GNU Public License. It converts scanned images of text back to text files. Description Multiple vulnerabilities have been discovered in GOCR. Please review the CVE identifiers referenced below for details. Impact...

GLSA-202209-10 : Logcheck: Root privilege escalation

The remote host is affected by the vulnerability described in GLSA-202209-10 Logcheck: Root privilege escalation - In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive...

Oracle JDK/JRE: Multiple vulnerabilities

Background Java Platform, Standard Edition Java SE lets you develop and deploy Java applications on desktops and servers, as well as in today's demanding embedded environments. Java offers the rich user interface, performance, versatility, portability, and security that today's applications...

GLSA-202209-07 : Mrxvt: Arbitrary Code Execution

The remote host is affected by the vulnerability described in GLSA-202209-07 Mrxvt: Arbitrary Code Execution - rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow potentially remote code execution because of improper handling of certain escape sequences ESC G Q. A response is...

GHSA-JQ66-XH47-J9F3 Type confusion if __private_get_type_id__ is overriden

An issue was discovered in the failure crate through 0.1.5 for Rust. It may introduce "compatibility hazards" in some applications, and has a type confusion flaw when downcasting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: This may overlap...

GLSA-202101-29 : OpenJPEG: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202101-29 OpenJPEG: Multiple vulnerabilities Multiple vulnerabilities have been discovered in OpenJPEG. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for...

PyCrypto: Weak key generation

Background PyCrypto is the Python Cryptography Toolkit. Description It was discovered that PyCrypto incorrectly generated ElGamal key parameters. Impact Attackers may be able to obtain sensitive information by reading ciphertext data. Workaround There is no known workaround at this time. Resoluti...

GLSA-202007-31 : Icinga: Root privilege escalation

The remote host is affected by the vulnerability described in GLSA-202007-31 Icinga: Root privilege escalation It was discovered that Icingas installed files have insecure permissions, possibly allowing root privilege escalation. Impact : A local attacker could escalate privileges to root...