CVE-2025-59374

"UNSUPPORTED WHEN ASSIGNED" Certain versions of the ASUS Live Update client were distributed with unauthorized modifications introduced through a supply chain compromise. The modified builds could cause devices meeting specific targeting conditions to perform unintended actions. Only devices that...

CVE-2025-59374

"UNSUPPORTED WHEN ASSIGNED" Certain versions of the ASUS Live Update client were distributed with unauthorized modifications introduced through a supply chain compromise. The modified builds could cause devices meeting specific targeting conditions to perform unintended actions. Only devices that...

EUVD-2021-22927

Malware in sbrugna...

EUVD-2021-12387

Malware in sbrugna...

EUVD-2021-28761

Malicious code in bioql PyPI...

EUVD-2021-30120

Malicious code in bioql PyPI...

45 Previously Unreported Domains Expose Longstanding Salt Typhoon Cyber Espionage

Threat hunters have discovered a set of previously unreported domains, some going back to May 2020, that are associated with China-linked threat actors Salt Typhoon and UNC4841. "The domains date back several years, with the oldest registration activity occurring in May 2020, further confirming...

CVE-2021-41751

Buffer overflow vulnerability in file ecma-builtin-array-prototype.c:909 in function ecmabuiltinarrayprototypeobjectslice in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021...

CVE-2021-43175

The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 exposes an API router that accepts a username, password, and action that routes to other PHP files that implement the various API functions. Vulnerable versions of GOautodial validate the username and password incorrectly,...

Oracle Siebel Server (October 2021 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2021 CPU advisory. - Vulnerability in the Siebel Core - Automation product of Oracle Siebel CRM component: Test Automation Eclipse Jetty. Supported versions that ar...

CVE-2021-34751

A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to access sensitive configuration information. The attacker would require low privilege credentials on an affected device. This...

CVE-2022-38396

HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow escalation of privilege via execution of certain files outside the restricted path. This potential vulnerability was remediated starting with Windows 10 versions 21H2 o...

Oracle Database 12.1.0.2 Spatial Component Privilege Escalation

Title: Oracle Database Privilege Escalation Through Oracle Spatial Component Product: Database Manufacturer: Oracle Affected Versions: 12.1.0.2 Tested Versions: 12cR1 Risk Level: High Solution Status: Fixed in Oracle Critical Patch Update October 2021 CVE Reference: N/A, Backported in Oracle CPU...

Oracle Enterprise Manager Ops Center UCE Patches (Oct 2021 CPU)

The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2021 CPU advisory. - Vulnerability in the Enterprise Manager Ops Center product of Oracle Enterprise Manager component: Networking Apache HTTP...

Security Bulletin: CVE-2021-35561 may affect IBM® SDK, Java™ Technology Edition for Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

Summary CVE-2021-35561 was disclosed as part of the Oracle October 2021 Critical Patch Update. Vulnerability Details CVEID:CVE-2021-35561 DESCRIPTION: An unspecified vulnerability in Java SE related to the Utility component could allow an unauthenticated attacker to cause a denial of service...

PT-2022-19405 · Dell · Os10

Name of the Vulnerable Software and Affected Versions: Dell Networking OS10 versions prior to October 2021 Description: The issue allows a remote, unauthenticated attacker to potentially exploit it by reverse engineering to retrieve sensitive information and access the REST API with admin...

Security Bulletin: The IBM® SDK Java Technology Edition, October 2021 CPU affect multiple IBM Continuous Engineering products based on IBM Jazz Technology

Summary There are multiple security vulnerabilities that are addressed in the IBM® SDK Java Technology Edition, October 2021 CPU. The following products: IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Engineering...

Security Bulletin: IBM SDK, Java Technology Edition, Security Update October 2021

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8 that are used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates in October 2021. IBM 8 Fix SR7 FP5 8.0.7.5. Vulnerability Details CVEID: CVE-2022-21365 DESCRIPTION:...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2021 - Includes Oracle October 2021 CPU

Summary Multiple vulnerabilities has been identified in IBM Java. IBM SDK, Java Technology Edition Quarterly CPU - Oct 2021 - Includes Oracle October 2021 CPU Copy Services Manager has a dependency on Java. Version CSM 6.3.1 and prior are therefore exposed by this vulnerability. CSM 6.3.2 ships a...

Security Updates for Microsoft Excel Products C2R (October 2021)

The Microsoft Excel Products are missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2021-40474, CVE-2021-40485 - An...