EUVD-2014-3839

Malware in sbrugna...

EUVD-2025-20832

Malicious code in bioql PyPI...

Malicious code in test-mlw2-ameba-study (npm)

The package test-mlw2-ameba-study was found to contain malicious code...

MAL-2025-34872 Malicious code in test-mlw2-ameba-study (npm)

The package test-mlw2-ameba-study was found to contain malicious code...

编号撤回

Realtek Ameba-AIoT ameba-arduino-d and Realtek Ameba-AIoT ameba-rtos-d are both an IoT development board from Realtek Semiconductor Realtek, China. This CVE number has been withdrawn...

PT-2025-28941

Name of the Vulnerable Software and Affected Versions: Ameba-AIoT ameba-arduino-d versions prior to 3.1.9 ameba-rtos-d versions prior to commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a Description: A heap-based buffer overflow exists in the WLAN driver defragment function due to a lack of...

com.github.jinahya:jsonrpc-bind-tests (=0.7.1), org.amebastack.container:ameba-container-grizzly (>=0.1.6c <=0.1.6e) +185 more potentially affected by CVE-2020-5245 +3 more via org.hibernate.validator:hibernate-validator (>=7.0.0.Alpha1 <=7.0.0.Alpha6)

org.hibernate.validator:hibernate-validator MAVEN version =7.0.0.Alpha1, =0.1.6c, =0.1.2, =0.1.2, =0.1.2, =0.1.6c, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0-RC1 and more Source cves: CVE-2020-5245, CVE-2025-35036, CVE-2025-4427, CVE-2025-4428 Source advisory: OSV:GHSA-7V6M-28JR-RG84...

CVE-2022-34326

In ambiot amb1sdk aka SDK for Ameba1 before 2022-06-20 on Realtek RTL8195AM devices before 284241d70308ff2519e40afd7b284ba892c730a3, the timer task and RX task would be locked when there are frequent and continuous Wi-Fi connection with four-way handshake failures in Soft AP mode...

PT-2022-22132 · Realtek · Amb1 Sdk +1

Name of the Vulnerable Software and Affected Versions: amb1 sdk aka SDK for Ameba1 versions prior to 2022-06-20 Realtek RTL8195AM devices versions prior to 284241d70308ff2519e40afd7b284ba892c730a3 Description: The issue occurs when there are frequent and continuous Wi-Fi connection failures in So...

CVE-2020-27302

A stack buffer overflow in Realtek RTL8710 and other Ameba-based devices can lead to remote code execution via the "memcpy" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake...

CVE-2020-27302

Realtek RTL8710 (and Ameba-based devices) are affected by a stack-based buffer overflow in the memcpy path during WPA2 4‑way handshake when processing a crafted Encrypted GTK value. This can enable remote code execution by an attacker in wireless range. The issue is documented as CVE-2020-27302; ...

CVE-2020-27301

Realtek RTL8710 (and other Ameba-based devices) disclose a stack buffer overflow vulnerability that can enable remote code execution via the AES_UnWRAP path during WPA2 4-way handshake. An attacker within Wi‑Fi range can craft an Encrypted GTK to exploit the flaw, potentially taking control of th...

Researchers Warn of Critical Bugs Affecting Realtek Wi-Fi Module

A new set of critical vulnerabilities has been disclosed in the Realtek RTL8170C Wi-Fi module that an adversary could abuse to gain elevated privileges on a device and hijack wireless communications. "Successful exploitation would lead to complete control of the Wi-Fi module and potential root...

Critical Bugs Found in Popular Realtek Wi-Fi Module for Embedded Devices

Major vulnerabilities have been discovered in the Realtek RTL8195A Wi-Fi module that could have been exploited to gain root access and take complete control of a device's wireless communications. The six flaws were reported by researchers from Israeli IoT security firm Vdoo. The Realtek RTL8195A...

news.ameba.jp XSS vulnerability

Vulnerable URL: http://news.ameba.jp/search/?query=a%22%3E%3C%2Ftitle%3E%3C%2Fscript%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...

CVE-2014-6820

The Amebra Ameba aka jp.honeytrap15.amebra application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Information disclosure

The Amebra Ameba aka jp.honeytrap15.amebra application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-6820

The CVE-2014-6820 entry concerns the Android app Amebra Ameba (jp.honeytrap15.amebra) 1.0.0, which does not verify X.509 certificates from SSL servers. This root cause allows MITM attackers to spoof servers and obtain sensitive information via a crafted certificate. CVSSv2 metrics indicate a Medi...

CVE-2014-6820

The Amebra Ameba aka jp.honeytrap15.amebra application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-3902

The CyberAgent Ameba application 3.x and 4.x before 4.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...