EUVD-2023-48479

Malicious code in bioql PyPI...

EUVD-2024-34369

Malicious code in bioql PyPI...

EUVD-2021-27526

Malicious code in bioql PyPI...

EUVD-2023-32395

Malicious code in bioql PyPI...

EUVD-2023-58580

Malicious code in bioql PyPI...

Cisco IOS Software SNMP DoS RCE (cisco-sa-snmp-x4LPhte)

According to its self-reported version, Cisco IOS is affected by a vulnerability. - A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low privileges could cause...

CVE-2025-20333

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper...

Vulnerabilities fixed in Cisco Secure Firewall ASA and FTD

Cisco has fixed vulnerabilities in Cisco Secure Firewall ASA and FTD Software. The vulnerability with reference CVE-2025-20333, is located in how the software validates user input in HTTPS requests. An attacker with valid VPN login credentials can exploit this vulnerability by sending specially...

CVE-2025-20363

CVE-2025-20363 affects Cisco Secure Firewall ASA/FTD web services and multiple Cisco IOS families (IOS, IOS XE, IOS XR). Root cause: improper validation of user-supplied input in HTTP requests, enabling remote code execution. Impact: attacker could run arbitrary code as root, potentially fully co...

VulnCheck KEV: CVE-2025-20333

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper...

CVE-2025-20352

A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low privileges could cause a denial of service DoS condition on an affected device that is running Cisco IOS...

CVE-2025-20352

CVE-2025-20352 concerns Cisco IOS/IOS XE SNMP subsystem. A stack-based buffer overflow could allow a low-privileged, authenticated remote attacker to cause a DoS (reload) or, with higher privileges, execute arbitrary code as root on affected devices. Exploitation requires SNMP credentials (v2c/v1...

VulnCheck KEV: CVE-2025-20352

A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low privileges could cause a denial of service DoS condition on an affected device that is running Cisco IOS...

PT-2025-39307

Name of the Vulnerable Software and Affected Versions Cisco IOS and IOS XE Software versions prior to IOS XE 17.15.4a Description A vulnerability exists in the Simple Network Management Protocol SNMP subsystem of Cisco IOS and IOS XE Software. This flaw, a stack overflow condition, allows an...

Uncontrolled Search Path Element

Overview Affected versions of this package are vulnerable to Uncontrolled Search Path Element via the safeasterisk script, which sources all .sh files in the /etc/asterisk/startup.d/ directory as root without validating ownership or permissions. An attacker can execute arbitrary code with root...

2wcom IP-4c 安全漏洞

The 2wcom IP-4c is an audio codec device from the German company 2wcom. A security vulnerability exists in the 2wcom IP-4c version 2.16, which originates from a web interface that allows administrator and manager users to execute arbitrary code as root via the ping or traceroute fields on the...

Amazon Linux 2 : mock, --advisory ALAS2MOCK-2025-001 (ALASMOCK-2025-001)

The version of mock installed on the remote host is prior to 1.4.19-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2MOCK-2025-001 advisory. The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the...

Linux Distros Unpatched Vulnerability : CVE-2023-6395

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with roo...

Linux Distros Unpatched Vulnerability : CVE-2022-23124

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit th...

Linux Distros Unpatched Vulnerability : CVE-2022-2320

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of prope...