CVE-2026-37223

FlexRIC v2.0.0 contains a reachable assertion in the iApp message dispatcher. The dispatcher validates incoming E2AP messages against a 9-entry whitelist using assert. A remote unauthenticated attacker can send any decodable E2AP PDU with a message type not in the whitelist to crash the iApp...

EUVD-2004-0470

Malware in sbrugna...

EUVD-2006-2927

Malware in sbrugna...

EUVD-2024-16224

Malicious code in bioql PyPI...

UBUNTU-CVE-2025-38464

In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipcconnclose. syzbot reported a null-ptr-deref in tipcconnclose during netns dismantle. 0 tipctopsrvstop iterates tipcnetnet-topsrv-connidr and calls tipcconnclose for each tipcconn. The problem is th...

CVE-2024-0429

A denial service vulnerability has been found on Hex Workshop affecting version 6.7, an attacker could send a command line file arguments and control the Structured Exception Handler SEH records resulting in a service shutdown...

CVE-2024-0429 Buffer overflow vulnerability on Hex Workshop

A denial service vulnerability has been found on Hex Workshop affecting version 6.7, an attacker could send a command line file arguments and control the Structured Exception Handler SEH records resulting in a service shutdown...

LetMeSpy Android Spyware Service Shuts Down After Data Breach

By Waqas LetMeSpy Faces Demise After Devastating Data Breach: Spyware Service Shuts Down Amidst Massive User Data Compromise. This is a post from HackRead.com Read the original post: LetMeSpy Android Spyware Service Shuts Down After Data Breach...

Hive Social pulls the plug on itself after security flaws found

You may well have changed your social media site of choice recently, but that doesnt mean the security implications of less familiar sites and services can be ignored. For the sites themselves, coping with an influx of new users can be nothing short of a large headache. And even the more...

CVE-2022-25250 PTC Axeda agent and Axeda Desktop Server Missing Authentication For Critical Function

When connecting to a certain port Axeda agent All versions and Axeda Desktop Server for Windows All versions may allow an attacker to send a certain command to a specific port without authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to sh...

CVE-2022-25250

CVE-2022-25250 affects PTC Axeda agent (all versions) and Axeda Desktop Server for Windows (all versions). It is a missing authentication for a critical function vulnerability that allows a remote unauthenticated attacker to send a command to a port and shutdown a service (CVE-25250, CVSS v3.1 ba...

PTC Axeda agent 路径遍历漏洞

PTC Axeda agent is an agent software from PTC. A security vulnerability exists in PTC Axeda agent that allows an attacker to send specific commands to specific ports without authentication. Successful exploitation of this vulnerability could allow a remote, unauthenticated attacker to shut down...

Rapid7 Releases New Industry Cyber-Exposure Report (ICER): Fortune 500

Today, Rapid7 just released the first in our all-new Industry Cyber-Exposure Report ICER series. For those of you who have been following our research over the past few years, you may immediately suspect us of unloading another 100+ page tome of internet-based findings around the internet—but not...

GHSA-9VRW-M88G-W75Q Denial of Service in @hapi/accept

Versions of @hapi/accept prior to 3.2.4 or 5.0.1 are vulnerable to Denial of Service. The Accept-Encoding HTTP header parser has a vulnerability which will cause the function to throw a system error if the header contains some invalid values. Because hapi rethrows system errors as opposed to...

Denial of Service

Overview Versions of @hapi/subtext prior to 6.1.3 or 7.0.3 are vulnerable to Denial of Service. The Content-Encoding HTTP header parser has a vulnerability which will cause the function to throw a system error if the header contains some invalid values. Because hapi rethrows system errors as...

Emerson DeltaV

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low skill level to exploit Vendor: Emerson Equipment: DeltaV Distributed Control System Workstations Vulnerability: Authentication Bypass 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to shut down a service,...

CVE-2017-14385

An issue was discovered in EMC Data Domain DD OS 5.7 family, versions prior to 5.7.5.6; EMC Data Domain DD OS 6.0 family, versions prior to 6.0.2.9; EMC Data Domain DD OS 6.1 family, versions prior to 6.1.0.21; EMC Data Domain Virtual Edition 2.0 family, all versions; EMC Data Domain Virtual...

The vulnerability of the Windows operating system, which allows a perpetrator to trigger a service failure

The vulnerability of the HTTP.sys component in the Windows operating system is related to improper data processing. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause a service failure system shutdown through specially crafted HTTP 2.0 requests...

Mandriva Linux Security Advisory : libvirt (MDVSA-2015:115)

Updated libvirt packages fix security vulnerabilities : The LXC driver lxc/lxcdriver.c in libvirt 1.0.1 through 1.2.1 allows local users to 1 delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; 2 create arbitrary nodes mknod via the...

Cyber Attack On 'Code Spaces' Puts Hosting Service Out of Business

Code Spaces, a code-hosting and software collaboration platform used by different organizations for project management and development needs, was forced to shut down operations after an attacker compromised its internal system and deleted its customer’s data and backups as well. This is really a...