92 matches found
CVE-2025-2347
CVE-2025-2347 affects IROAD Dash Cam FX2 (up to 20250308). The vulnerability is in the device registration processing and is triggered by manipulating the Password argument (input: qwertyuiop), which enables use of the default password. The attack requires local-network access, and the exploit ha...
CVE-2025-2121
A vulnerability classified as critical has been found in Thinkware Car Dashcam F800 Pro up to 20250226. Affected is an unknown function of the component File Storage. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been...
CVE-2025-2121 Thinkware Car Dashcam F800 Pro File Storage access control
A vulnerability classified as critical has been found in Thinkware Car Dashcam F800 Pro up to 20250226. Affected is an unknown function of the component File Storage. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been...
Linux Distros Unpatched Vulnerability : CVE-2022-36765
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - EDK2 is susceptible to a vulnerability in the CreateHob function, allowing a user to trigger an integer overflow to buffer overflow via a local network. Successf...
CVE-2025-1081
CVE-2025-1081 affects Bharti Airtel Xstream Fiber (up to 20250123) and its WiFi Password Handler. The issue enables use of weak credentials via local-network access, with attack complexity rated as HIGH and affected confidentiality as PARTIAL. Multiple sources note the exploit has been disclosed ...
CVE-2024-12342
TP-Link VN020 F3v(T) TT_V6.2.1021 has a high-severity vulnerability in the Incomplete SOAP Request Handler for the WANIPConnection UPnP service. The issue enables denial of service via malformed SOAP requests, exploitable from the local network. Public PoCs and exploit details exist (e.g., Exploi...
CentOS 8 : edk2 (CESA-2024:3017)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3017 advisory. - EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable function, allowing a user to trigger a heap buffer overflow via a local network...
AZL-39424 CVE-2022-36765 affecting package hvloader for versions less than 1.0.1-3
EDK2 is susceptible to a vulnerability in the CreateHob function, allowing a user to trigger an integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability...
PT-2022-7658 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.1
Description: The vulnerability is related to a buffer overflow issue in the vivid component of the Linux kernel. It occurs due to a failure to check boundaries after adjusting the compose height in the V4L...
Fast8690-exploit
Sagemcom Fast 3890 exploit. This exploit uses the Cable Haunt...
CSRF vulnerability in the latest version of beecms
beecms is an enterprise website management system based on a PHP+MySQL architecture. The latest version of beecms has a CSRF vulnerability. The add-administrator form in the backend is not protected by a token: adminadmin.php starts processing the add-administrator request at line 102, failed...