EUVD-2021-30344

Malicious code in bioql PyPI...

kernel: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails

In the Linux kernel, the following vulnerability has been resolved: firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpiinfo is not set and will remain NULL until the probe succeeds. If it is not taken care, the...

kernel: s390/sclp: Fix SCCB present check

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fix SCCB present check Tracing code called by the SCLP interrupt handler contains early exits if the SCCB address associated with an interrupt is NULL. This check is performed after physical to virtual address...

UBUNTU-CVE-2023-53428

In the Linux kernel, the following vulnerability has been resolved: powercap: armscmi: Remove recursion while parsing zones Powercap zones can be defined as arranged in a hierarchy of trees and when registering a zone with powercapregisterzone, the kernel powercap subsystem expects this to happen...

SAP NetWeaver AS Java 代码注入漏洞

SAP NetWeaver AS Java is a platform system from SAP, a German company. A code injection vulnerability exists in SAP NetWeaver AS Java that originates from allowing the uploading of arbitrary files, which could lead to full control of the system...

UBUNTU-CVE-2025-39694

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fix SCCB present check Tracing code called by the SCLP interrupt handler contains early exits if the SCCB address associated with an interrupt is NULL. This check is performed after physical to virtual address...

CVE-2025-39694

CVE-2025-39694 concerns the Linux kernel on s390:sclp where a NULL SCCB address check after address translation could fail if identity mapping does not start at 0, potentially allowing access to the first page of identity mapping. The fix adds a NULL-case handler prior to address translation to e...

CVE-2024-46917

Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR01 does not validate file attributes or the contents of /root during integrity validation. This allows code execution, recovery of TPM Disk Encryption keys, decryption of the Windows system partition, and full control of the Windows OS, e.g.,...

PT-2025-35243

Name of the Vulnerable Software and Affected Versions: Diebold Nixdorf Vynamic Security Suite versions through 4.3.0 SR01 Description: Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR01 does not validate file attributes or the contents of the /root directory during integrity validation. Th...

TOTOLINK EX1200T 安全漏洞

The TOTOLINK EX1200T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. The TOTOLINK EX1200T suffers from an authentication bypass vulnerability that originates from formLoginAuth.htm not properly validating the login request, which can be exploited by an attacker to gain system...

Itemir M300 Wi-Fi Repeater 安全漏洞

Itemir M300 Wi-Fi Repeater is a wireless repeater from Itemir China. A security vulnerability exists in Itemir M300 Wi-Fi Repeater that originates from OS command injection and could lead to full system control...

New Attack Uses Windows Shortcut Files to Install REMCOS Backdoor

Security firm Point Wild has exposed a new malware campaign using malicious LNK files to install the REMCOS backdoor. This report details how attackers disguise files to gain full system control...

CVE-2025-6018 Pam-config: lpe from unprivileged to allow_active in pam

A Local Privilege Escalation LPE vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules PAM. This flaw allows an unprivileged local attacker for example, a user logged in via SSH to obtain the elevated privileges normally reserved for a physically present,...

Path Traversal

github.com/lf-edge/ekuiper is vulnerable to path traversal. The vulnerability is due to improper validation of file paths, which allows an attacker to read or write arbitrary files on the server, potentially modifying application behavior and gaining full control of the system...

CVE-2025-42967

SAP S/4HANA and SAP SCM Characteristic Propagation has remote code execution vulnerability. This allows an attacker with user level privileges to create a new report with his own code potentially gaining full control of the affected SAP system causing high impact on confidentiality, integrity, an...

SAP S/4HANA 安全漏洞

SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system from SAP, Germany. A security vulnerability exists in SAP S/4HANA that originates from remote code execution and could lead to complete control of the system...

PT-2025-28516

Name of the Vulnerable Software and Affected Versions Windows versions affected versions not specified Description A critical vulnerability exists in the Windows SPNEGO Extended Negotiation NEGOEX security mechanism. This flaw is a heap-based buffer overflow that allows an unauthorized attacker t...

📄 Off 2.15 Unauthenticated Remote System Control

Off version 2.15 exposes a TCP service on 1984 port that allows unauthenticated attackers to issue remote system control commands such as Shutdown, Restart, Lock, Sleep, and Hibernate. Exploit Title: Off 2.15 - Unauthenticated Remote System Control Date: 25/06/25 Exploit Author: Chokri Hammedi...

CVE-2025-50200

RabbitMQ is a messaging and streaming broker. In versions 3.13.7 and prior, RabbitMQ is logging authorization headers in plaintext encoded in base64. When querying RabbitMQ api with HTTP/s with basic authentication it creates logs with all headers in request, including authorization headers which...

UBUNTU-CVE-2022-49967

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a data-race around bpfjitlimit. While reading bpfjitlimit, it can be changed concurrently via sysctl, WRITEONCE in doprocdoulongvecminmax. The size of bpfjitlimit is long, so we need to add a paired READONCE to avoid...