CVE-2025-15548 Missing Application-Layer Encryption in Web Interface Endpoints on TP-Link VX800v

Some VX800v v1.0 web interface endpoints transmit sensitive information over unencrypted HTTP due to missing application layer encryption, allowing a network adjacent attacker to intercept this traffic and compromise its confidentiality...

CVE-2026-21908

A Use After Free vulnerability was identified in the 802.1X authentication daemon dot1xd of Juniper Networks Junos OS and Junos OS Evolved that could allow an authenticated, network-adjacent attacker flapping a port to crash the dot1xd process, leading to a Denial of Service DoS, or potentially...

CVE-2023-25946

Authentication bypass vulnerability in Qrio Lock Q-SL2 firmware version 2.0.9 and earlier allows a network-adjacent attacker to analyze the product's communication data and conduct an arbitrary operation under certain conditions...

CVE-2020-10926

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of firmware updates. The issue results fro...

EUVD-2021-21476

Malware in sbrugna...

EUVD-2020-9358

Malware in sbrugna...

EUVD-2023-36863

Malicious code in bioql PyPI...

EUVD-2023-26479

Malicious code in bioql PyPI...

EUVD-2022-37746

Malicious code in bioql PyPI...

EUVD-2023-41452

Malicious code in bioql PyPI...

EUVD-2024-39164

Malicious code in bioql PyPI...

EUVD-2022-46485

Malicious code in bioql PyPI...

EUVD-2023-41222

Malicious code in bioql PyPI...

EUVD-2023-39734

Malicious code in bioql PyPI...

EUVD-2023-26467

Malicious code in bioql PyPI...

CVE-2025-8654

Kenwood DMX958XR ReadMVGImage Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific fla...

CVE-2025-8654 Kenwood DMX958XR ReadMVGImage Command Injection Remote Code Execution Vulnerability

Kenwood DMX958XR ReadMVGImage Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific fla...

(Pwn2Own) QNAP QHora-322 tar Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of parameters provided to the tar executable. The issue...

CVE-2024-32051

Insertion of sensitive information into log file issue exists in RoamWiFi R10 prior to 4.8.45. If this vulnerability is exploited, a network-adjacent unauthenticated attacker with access to the device may obtain sensitive information...

CVE-2024-26258

OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with credentials to execute arbitrary OS commands by sending a specially crafted request to the product...