CVE-2025-34500

Deck Mate 2's firmware update mechanism accepts packages without cryptographic signature verification, encrypts them with a single hard-coded AES key shared across devices, and uses a truncated HMAC for integrity validation. Attackers with access to the update interface - typically via the unit's...

CVE-2025-34500

CVE-2025-34500 affects Deck Mate 2. The firmware update mechanism accepts unsigned packages, uses a single hard-coded AES key for encryption, and applies a truncated HMAC for integrity, enabling an attacker with USB/update-interface access to craft/modify firmware to execute arbitrary code as roo...

EUVD-2025-34818

Reolink Video Doorbell WiFi DB566128M5MPW performs insufficient validation of firmware update signatures. This allows attackers to load malicious firmware images, resulting in arbitrary code execution with root privileges...

CVE-2025-60855

CVE-2025-60855 affects Reolink Video Doorbell WiFi DB_566128M5MP_W. The vulnerability is due to insufficient validation of firmware update signatures, which could allow loading of malicious firmware and result in arbitrary code execution with root privileges. Some sources note the supplier disput...

CVE-2025-60855

Reolink Video Doorbell WiFi DB566128M5MPW performs insufficient validation of firmware update signatures. This allows attackers to load malicious firmware images, resulting in arbitrary code execution with root privileges. NOTE: this is disputed by the Supplier because the integrity of updates is...

CVE-2025-11462 Local Privilege Escalation Vulnerability in AWS Client VPN macOS Client

Improper Link Resolution Before File Access in the AWS VPN Client for macOS versions 1.3.2- 5.2.0 allows a local user to execute code with elevated privileges. Insufficient validation checks on the log destination directory during log rotation could allow a non-administrator user to create a...

EUVD-2017-8008

Malware in sbrugna...

EUVD-2020-4257

Malware in sbrugna...

EUVD-2018-6611

Malware in sbrugna...

EUVD-2012-6599

Malware in sbrugna...

EUVD-2019-13330

Malware in sbrugna...

EUVD-2020-7409

Malware in sbrugna...

EUVD-2023-48479

Malicious code in bioql PyPI...

EUVD-2023-32395

Malicious code in bioql PyPI...

EUVD-2024-34369

Malicious code in bioql PyPI...

EUVD-2021-27526

Malicious code in bioql PyPI...

EUVD-2023-58580

Malicious code in bioql PyPI...

Cisco IOS Software SNMP DoS RCE (cisco-sa-snmp-x4LPhte)

According to its self-reported version, Cisco IOS is affected by a vulnerability. - A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low privileges could cause...

Vulnerabilities fixed in Cisco Secure Firewall ASA and FTD

Cisco has fixed vulnerabilities in Cisco Secure Firewall ASA and FTD Software. The vulnerability with reference CVE-2025-20333, is located in how the software validates user input in HTTPS requests. An attacker with valid VPN login credentials can exploit this vulnerability by sending specially...

CVE-2025-20352

A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low privileges could cause a denial of service DoS condition on an affected device that is running Cisco IOS...