101 matches found
EUVD-2023-44875
Malicious code in bioql PyPI...
EUVD-2023-39741
Malicious code in bioql PyPI...
EUVD-2023-44791
Malicious code in bioql PyPI...
EUVD-2024-47289
Malicious code in bioql PyPI...
EUVD-2022-43986
Malicious code in bioql PyPI...
EUVD-2024-47288
Malicious code in bioql PyPI...
EUVD-2023-36408
Malicious code in bioql PyPI...
EUVD-2023-39739
Malicious code in bioql PyPI...
CVE-2025-8653 Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability
Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Kenwood DMX958XR. Authentication is not required to exploit this vulnerability. The specific...
(0Day) (Pwn2Own) Alpine iLX-507 Command Injection Remote Code Execution
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Tidal music streaming application. The issue results from the lack ...
(Pwn2Own) QNAP TS-464 reset_password.cgi Hard-coded Cryptographic Key Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP TS-464. Authentication is not required to exploit this vulnerability. The specific flaw exists within the resetpassword.cgi endpoint. The issue results from the use of a hard-coded...
(Pwn2Own) QNAP TS-464 Active Directory Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP TS-464 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Active Directory integration. The issue results from the improper...
(Pwn2Own) QNAP TS-464 privWizard.cgi Authentication CRLF Injection Privilege Escalation Vulnerability
This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of QNAP TS-464 devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the privWizard.cg...
(Pwn2Own) Phoenix Contact CHARX SEC-3100 Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the defaultroutemetric parameter to the...
CVE-2025-5827
Autel MaxiCharger AC Wallbox Commercial bleprocessesp32msg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authenticati...
CVE-2025-5827
Autel MaxiCharger AC Wallbox Commercial bleprocessesp32msg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authenticati...
CVE-2025-5476 Sony XAV-AX8500 Bluetooth Improper Isolation Authentication Bypass Vulnerability
Sony XAV-AX8500 Bluetooth Improper Isolation Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected Sony XAV-AX8500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
(Pwn2Own) Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Misinterpretation of Input Vulnerability
This vulnerability allows network-adjacent attackers to inject arbitrary AT commands on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the bleprocessesp32msg functio...
PT-2025-24282 · Wolfbox · Wolfbox Level 2 Ev Charger
Name of the Vulnerable Software and Affected Versions: WOLFBOX Level 2 EV Charger affected versions not specified Description: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected WOLFBOX Level 2 EV Charger devices. Authentication is required for exploitation...
CVE-2024-25579
OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. Note that WMC-X1800GST-B is also included in e-Mesh Starter Kit "WMC-2LX-B"...