339 matches found
EUVD-2024-53779
Malicious code in bioql PyPI...
EUVD-2023-30061
Malicious code in bioql PyPI...
EUVD-2022-28197
Malicious code in bioql PyPI...
EUVD-2024-38240
Malicious code in bioql PyPI...
EUVD-2022-45111
Malicious code in bioql PyPI...
EUVD-2023-58992
Malicious code in bioql PyPI...
WSO2 Identity Server 安全漏洞
WSO2 Identity Server IS is an identity server from WSO2, Inc. A security vulnerability exists in WSO2 Identity Server IS that stems from improper handling of error messages and could lead to malicious content injection and social engineering attacks...
CVE-2025-58142
A NULL pointer dereference vulnerability exists in Xen’s viridian implementation by assuming the synthetic interrupt message SIM page is mapped when delivering a synthetic timer message. A malicious x86 HVM guest with the stimer viridian extension enabled could trigger this flaw, leading to a hos...
Linux Distros Unpatched Vulnerability : CVE-2020-25788
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. imgproxy in plugins/afproxyhttp/init.php mishandles $REQUESTurl in an error message...
CVE-2025-38566 sunrpc: fix handling of server side tls alerts
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix handling of server side tls alerts Scott Mayhew discovered a security exploit in NFS over TLS in tlsalertrecv due to its assumption it can read data from the msg iterator's kvec.. kTLS implementation splits TLS non-da...
Linux Distros Unpatched Vulnerability : CVE-2021-46969
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Fix invalid error returning in mhiqueue mhiqueue returns an error when the...
Linux Distros Unpatched Vulnerability : CVE-2024-35841
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: tls, fix WARNIING in skmsgfree A splice with MSGSPLICEPAGES will cause tls code to use...
CVE-2025-38341
CVE-2025-38341 pertains to the Linux kernel fbnic driver. The issue is described as a double-free scenario when DMA-mapping a FW message fails within fbnic_mbx_map_msg(), with the documented behavior that the caller retains ownership of the message on error and the page is freed by existing calle...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the Overview tab error message handling process. An attacker can execute arbitrary JavaScript code in the context of the affected user's browser by injecting malicious payloads into error messages that are...
CVE-2025-5829
Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers...
CVE-2025-5829
Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers...
CVE-2025-5827
Autel MaxiCharger AC Wallbox Commercial bleprocessesp32msg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authenticati...
CVE-2025-5829 Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability
Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers...
CVE-2025-5829
Autel MaxiCharger AC Wallbox Commercial is affected by CVE-2025-5829. The issue is a stack-based buffer overflow in JSON message handling caused by insufficient validation of user-supplied data before copying to a fixed-length buffer, enabling remote code execution. Impact: requires physical acce...
Hitachi Energy MicroSCADA X SYS600 安全漏洞
Hitachi MicroSCADA X SYS600 is a Hitachi Energy MicroSCADA X SYS600, a data acquisition and monitoring control system primarily used in power systems. A security vulnerability exists in Hitachi Energy MicroSCADA X SYS600 that originates from a denial of service due to improper handling of IEC...