CVE-2021-27942

Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs allow a threat actor to execute arbitrary code from a USB drive via the Smart Cast functionality, because files on the USB drive are effectively under the web root and can be executed...

Solidigm DC 安全漏洞

Solidigm DC is a solid state drive product from Solidigm, Inc. A security vulnerability exists in Solidigm DC that stems from improper firmware resource management and could lead to unauthorized access to a locked storage device by a local or physical attacker...

EUVD-2005-0731

Malware in sbrugna...

EUVD-2019-11373

Malware in sbrugna...

EUVD-2025-5512

Malicious code in bioql PyPI...

EUVD-2023-56850

Malicious code in bioql PyPI...

EUVD-2022-34255

Malicious code in bioql PyPI...

EUVD-2023-31161

Malicious code in bioql PyPI...

(0Day) Google Drive File Sharing Mark-of-the-Web Bypass Vulnerability

This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Google Drive. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

(0Day) Google Drive ZIP File Mark-of-the-Web Bypass Remote Code Execution Vulnerability

This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Google Drive. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2025-3705

A physical attacker with no privileges can gain full control of the affected device due to improper neutralization of special elements used in an OS Command 'OS Command Injection' when loading a config file from a USB drive...

CVE-2022-28387

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...

CVE-2022-34866

Passage Drive versions v1.4.0 to v1.5.1.0 and Passage Drive for Box version v1.0.0 contain an insufficient data verification vulnerability for interprocess communication. By running a malicious program, an arbitrary OS command may be executed with LocalSystem privilege of the Windows system where...

CVE-2025-1882

A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been rated as critical. Affected by this issue is some unknown functionality of the component Device Setting Handler. The manipulation leads to improper access control for register interface. The attack needs to be done withi...

CVE-2025-1881

A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Video Footage/Live Video Stream. The manipulation leads to improper access controls. The attack can be launched remotel...

CVE-2025-1881

CVE-2025-1881 affects i-Drive i11 and i12 (up to 20250227). Vulnerability lies in Video Footage/Live Video Stream, leading to improper access controls that enable remote exploitation. Attack surface is network-based with low attack complexity and no user interaction required; attacker needs at le...

CVE-2025-1879

A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This issue affects some unknown processing of the component APK. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. It was not possible to...

CVE-2025-1878

CVE-2025-1878 affects i-Drive i11/i12 (up to 20250227). The vulnerability concerns the WiFi component and enables use of a default password, requiring local-network access with high attack complexity. The product’s maintainer is not identified and the product appears end-of-life. No remediation d...

CVE-2024-52925

In OPSWAT MetaDefender Kiosk before 4.7.0, arbitrary code execution can be performed by an attacker via the MD Kiosk Unlock Device feature for software encrypted USB drives...

CVE-2024-52925

OPSWAT MetaDefender Kiosk prior to version 4.7.0 is affected by an arbitrary code execution vulnerability via the MD Kiosk Unlock Device feature for software-encrypted USB drives. The root cause is exploitation of the unlock device functionality, enabling an attacker to execute code on the host. ...