CVE-2025-34503 Shuffle Master Deck Mate 1 Unauthenticated EEPROM Firmware Execution

Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to run arbitrary code that persists across reboots. Because this design predates modern secure-boot or signed-update...

The vulnerability of Veeam Backup & Replication’s protection mechanisms for cloud, virtual, and physical systems stems from errors in privilege management, allowing attackers to execute arbitrary code.

The vulnerability of Veeam Backup & Replication’s protection tools for cloud, virtual, and physical systems stems from errors in privilege management. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

Hitachi Energy's RTU500 series Unrestricted Upload of File with Dangerous Type (CVE-2024-1532)

A vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor could enforce diagnostic texts being displayed as empty strings, if an authorized user uploads a specially crafted stb-language file. This plugin only works wit...

ABB Relion 650 and 670 Series Improper Input Validation (CVE-2019-18247)

An attacker may use a specially crafted message to force Relion 650 series versions 1.3.0.5 and prior or Relion 670 series versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior to reboot, which could cause a denial of service. This plugin only works with Tenable.ot. Please visit...

CVE-2020-13468

Gigadevice GD32F130 devices allow physical attackers to escalate their debug interface permissions via fault injection into inter-IC bonding wires which have insufficient physical protection...

CVE-2020-13468

Gigadevice GD32F130 devices allow physical attackers to escalate their debug interface permissions via fault injection into inter-IC bonding wires which have insufficient physical protection...