Security Bulletin: Vulnerability in iperf affects IBM Netezza Appliance

Summary The iperf package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVE CVE-2025-54349. Vulnerability Details CVEID:CVE-2025-54349 DESCRIPTION: In iperf before 3.19.1, iperfauth.c has an off-by-one error and resultant heap-based buffer overflow...

Security Bulletin: Vulnerability in glib2 affects IBM Netezza Appliance

Summary The glib2 package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVECVE-2025-13601 Vulnerability Details CVEID:CVE-2025-13601 DESCRIPTION: A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the...

Security Bulletin: Vulnerability in kernel affects IBM Netezza Appliance

Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-38550 Vulnerability Details CVEID:CVE-2025-38550 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Delay put pmc-idev in...

Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance

Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-38079, CVE-2025-38292 Vulnerability Details CVEID:CVE-2025-38079 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix...

Security Bulletin: Vulnerability in poppler affects IBM Netezza Appliance

Summary The poppler package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVECVE-2025-32365 Vulnerability Details CVEID:CVE-2025-32365 DESCRIPTION: Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine...

Security Bulletin: Vulnerability in iperf affects IBM Netezza Appliance

Summary The iperf package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-54349 Vulnerability Details CVEID:CVE-2025-54349 DESCRIPTION: In iperf before 3.19.1, iperfauth.c has an off-by-one error and resultant heap-based buffer overflow...

Security Bulletin: Vulnerability in brotli affects IBM Netezza Appliance

Summary The brotli package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-6176 Vulnerability Details CVEID:CVE-2025-6176 DESCRIPTION: Scrapy versions up to 2.13.2 are vulnerable to a denial of service DoS attack due to a flaw in its brotli...

Security Bulletin: Vulnerability in curl affects IBM Netezza Appliance

Summary The curl package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-9086 Vulnerability Details CVEID:CVE-2025-9086 DESCRIPTION: 1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to...

Security Bulletin: Vulnerability in curl affects IBM Netezza Appliance

Summary The curl package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-9086 Vulnerability Details CVEID:CVE-2025-9086 DESCRIPTION: 1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to...

EUVD-2018-21740

Microsoft FastTube 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 1900 characters into the search bar and trigger a crash when the search...

EUVD-2019-19946

GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters into the search field, click search, and select any result to trigger an...

PT-2026-6060

Name of the Vulnerable Software and Affected Versions Ziroom ZHOME A0101 version 1.0.1.0 Description A security flaw exists in Ziroom ZHOME A0101. The issue is due to command injection resulting from the manipulation of the macType argument within the macAddrClone function located in the...

Ziroom ZHOME A0101 安全漏洞

Ziroom ZHOME A0101 is a smart home hardware device developed by Ziroom Corporation. The version 1.0.1.0 of Ziroom ZHOME A0101 contains a security vulnerability. This vulnerability stems from the Dropbear SSH Service component using default credentials, which may lead to remote attacks...

Ziroom ZHOME A0101 命令注入漏洞

Ziroom ZHOME A0101 is a smart home hardware device developed by Ziroom Corporation. The version 1.0.1.0 of Ziroom ZHOME A0101 contains a command injection vulnerability. This vulnerability stems from the improper handling of the parameter “macType” in the “macAddrClone” function within the file...

CVE-2025-15137

A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the function subF934 of the file NTPSyncWithHost.cgi. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may be used. The vendor was contact...

EUVD-2025-205511

A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the function subF934 of the file NTPSyncWithHost.cgi. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may be used. The vendor was...

CVE-2025-15137

A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the function subF934 of the file NTPSyncWithHost.cgi. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may be used. The vendor was...

CVE-2025-15136

TRENDnet TEW-800MB (firmware 1.0.1.0) contains a command injection flaw in the Management Interface. The affected function is do_setWizard_asp in /goform/wizardset, where manipulating the WizardConfigured argument can trigger arbitrary command execution. The issue is exploitable remotely over the...

TRENDnet TEW-800MB 命令注入漏洞

The TRENDnet TEW-800MB is a dual-band wireless router from TRENDnet. The TRENDnet TEW-800MB suffers from a command injection vulnerability that originates from a misbehavior of the parameter WizardConfigured in the file /goform/wizardset, which can be exploited by an attacker to execute arbitrary...

TRENDnet TEW-800MB 命令注入漏洞

The TRENDnet TEW-800MB is a dual-band wireless router from TRENDnet. The TRENDnet TEW-800MB suffers from a command injection vulnerability that originates from a misbehavior of the function subF934 in the file NTPSyncWithHost.cgi, which can be exploited by an attacker to execute arbitrary command...