668 matches found
Dire Wolf 安全漏洞
Dire Wolf is a software radio modem from the individual developers at wb2osz. A security vulnerability exists in Dire Wolf 1.8 and earlier versions, which stems from a reachable assertion vulnerability in the APRS MIC-E decoder that could lead to a denial of service...
PT-2025-52720
Name of the Vulnerable Software and Affected Versions wb2osz/direwolf Dire Wolf versions up to and including 1.8, prior to commit 3658a87 Description The software contains a reachable assertion issue in the APRS MIC-E decoder function aprs mic e located in src/decode aprs.c. Processing a speciall...
PT-2025-52719
Name of the Vulnerable Software and Affected Versions wb2osz/direwolf Dire Wolf versions up to and including 1.8, prior to commit 694c954 Description The software contains a stack-based buffer overflow issue in the kiss rec byte function, found in src/kiss frame.c. Processing specially crafted KI...
Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan
The threat actor known as Bloody Wolf has been attributed to a cyber attack campaign that has targeted Kyrgyzstan since at least June 2025 with the goal of delivering NetSupport RAT. As of October 2025, the activity has expanded to also single out Uzbekistan, Group-IB researchers Amirbek Kurbanov...
CVE-2025-11934 Improper Validation of Signature Algorithm Used in TLS 1.3 CertificateVerify
Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends ECDSA P521 as the supported signature algorithm the server previously...
EUVD-2025-198156
The Axel Technology WOLF1MS and WOLF2MS devices firmware versions 0.8.5 to 1.0.3 are vulnerable to Broken Access Control due to missing authentication on the /cgi-bin/gstFcgi.fcgi endpoint. Unauthenticated remote attackers can list user accounts, create new administrative users, delete users, and...
CVE-2025-63218
The Axel Technology WOLF1MS and WOLF2MS devices firmware versions 0.8.5 to 1.0.3 are vulnerable to Broken Access Control due to missing authentication on the /cgi-bin/gstFcgi.fcgi endpoint. Unauthenticated remote attackers can list user accounts, create new administrative users, delete users, and...
PT-2025-47459
Name of the Vulnerable Software and Affected Versions Axel Technology WOLF1MS and WOLF2MS versions 0.8.5 through 1.0.3 Description The devices are subject to Broken Access Control because of a lack of authentication on the /cgi-bin/gstFcgi.fcgi API endpoint. This allows unauthenticated remote...
CVE-2025-63218
The Axel Technology WOLF1MS and WOLF2MS devices firmware versions 0.8.5 to 1.0.3 are vulnerable to Broken Access Control due to missing authentication on the /cgi-bin/gstFcgi.fcgi endpoint. Unauthenticated remote attackers can list user accounts, create new administrative users, delete users, and...
EUVD-2025-179256
Malicious code in dotenv-safe-sedimentology-wolf-singularity npm...
EUVD-2025-177056
Malicious code in primatology-paleoceanography-mineralogy-wolf npm...
EUVD-2025-179038
Malicious code in eslint-plugin-gacrux-wolf-ariel npm...
EUVD-2025-180228
Malicious code in australis-wolf-archaeogenetics-virgo npm...
MAL-2025-189940 Malicious code in titan-link-wolf-unuk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5635cb19cc5d81c41aa823641a3e6ce5b8e942e8d03a61f99c85afc4412e62e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187188 Malicious code in global-upgrade-wolf-betelgeuse (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f36eabf70e6a0498bc947c1d4011bf05f67eb39c3e4010c7ab28a2b04e317f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-176549
Malicious code in sagitta-wolf-barnard-geckodriver npm...
EUVD-2025-178246
Malicious code in juno-proxima-wolf-tailwindcss npm...
Malicious code in juno-proxima-wolf-tailwindcss (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47028c82d41ce63151937e576d080b099eb94441f3ef4d03707857a5baf44a18 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-180171
Malicious code in axios-algol-wolf-upgrade npm...
EUVD-2025-178694
Malicious code in global-upgrade-wolf-betelgeuse npm...