738 matches found
EUVD-2022-38156
Malicious code in bioql PyPI...
EUVD-2022-38161
Malicious code in bioql PyPI...
EUVD-2023-26482
Malicious code in bioql PyPI...
EUVD-2023-27699
Malicious code in bioql PyPI...
EUVD-2022-27883
Malicious code in bioql PyPI...
RLSA-2025:9146 Moderate: podman security update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http...
CVE-2025-24322
An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trigger this vulnerability...
CVE-2025-24322
An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trigger this vulnerability...
PT-2025-34044 · Tenda · Tenda Ac6
Name of the Vulnerable Software and Affected Versions: Tenda AC6 version V02.03.01.110 Description: An unsafe default authentication issue exists in the Initial Setup Authentication functionality. A specially crafted network request can lead to arbitrary code execution. An attacker can access the...
CVE-2025-53097 Roo Code extension vulnerable to Potential Information Leakage via JSON Schema
Roo Code is an AI-powered autonomous coding agent. Prior to version 3.20.3, there was an issue where the Roo Code agent's searchfiles tool did not respect the setting to disable reads outside of the VS Code workspace. This means that an attacker who was able to inject a prompt into the agent coul...
Fortinet FortiOS 安全漏洞
Fortinet FortiOS is a set of security operating systems dedicated to the FortiGate network security platform from the U.S. company Fiat Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. Fortinet FortiOS...
Fortinet FortiClientEMS 安全漏洞
Fortinet FortiClientEMS is part of Fortinet's Endpoint Management solution from Fortinet, Inc. and is designed to help organizations effectively manage endpoint devices in their networks and provide monitoring and control of endpoint security. A security vulnerability exists in Fortinet...
CVE-2023-22844
An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication bypass. An attacker can send a network request to trigger this vulnerability...
CVE-2023-48262
The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service DoS attack or, possibly, obtain Remote Code Execution RCE via a crafted network request...
CVE-2023-48263
The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service DoS attack or, possibly, obtain Remote Code Execution RCE via a crafted network request...
CVE-2023-48266
The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service DoS attack or, possibly, obtain Remote Code Execution RCE via a crafted network request...
CVE-2023-47166
A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted network request can lead to arbitrary firmware update. An attacker can send a network request to trigger this vulnerability...
CVE-2023-35967
Two heap-based buffer overflow vulnerabilities exist in the gwcfgcgisetmanagepostdata functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow...
CVE-2023-35968
Two heap-based buffer overflow vulnerabilities exist in the gwcfgcgisetmanagepostdata functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow...
CVE-2023-35966
Two heap-based buffer overflow vulnerabilities exist in the httpd managepost functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is...