PT-2025-44518

Name of the Vulnerable Software and Affected Versions Nagios Log Server versions prior to 2024R1.3.1 Description The software contains a code injection issue stemming from inadequate validation of dashboard ID values before they are processed by an internal API. An attacker can leverage crafted...

D-Link DIR600L formLanSetupRouterSettings Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

EUVD-2025-36683

SPH Engineering UgCS 5.13.0 is vulnerable to Arbitary code execution...

CVE-2025-60595

SPH Engineering UgCS 5.13.0 is vulnerable to Arbitary code execution...

CVE-2025-62776

The installer of WTW EAGLE for Windows 3.0.8.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...

CVE-2025-62776

The installer of WTW EAGLE for Windows 3.0.8.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...

EUVD-2025-36592

The installer of WTW EAGLE for Windows 3.0.8.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...

SUSE CVE-2025-62229

A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an...

CVE-2025-61128

Stack-based buffer overflow vulnerability in WAVLINK QUANTUM D3G/WL-WN530HG3 firmware M30HG3V240730, and possibly other wavlink models allows attackers to execute arbitrary code via crafted referrer value POST to login.cgi...

Razer Synapse 3 后置链接漏洞

Razer Synapse 3 is a software application from Razer, Inc. cloud-based unified hardware configuration tool. Razer Synapse 3 suffers from a backlink vulnerability that stems from a symbolic link issue in the Philips HUE module installer, which could lead to elevation of privilege and arbitrary cod...

SPH Engineering UgCS 安全漏洞

SPH Engineering UgCS is a UAV mission planning and flight control software from the Latvian company SPH. A security vulnerability exists in SPH Engineering UgCS version 5.13.0, which originates from a vulnerability that could lead to arbitrary code execution...

PT-2025-44320

Name of the Vulnerable Software and Affected Versions SPH Engineering UgCS version 5.13.0 Description UgCS version 5.13.0 is subject to arbitrary code execution. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...

CVE-2025-60595

SPH Engineering UgCS 5.13.0 is vulnerable to Arbitary code execution...

CVE-2025-60595

SPH Engineering UgCS 5.13.0 is vulnerable to Arbitary code execution...

WTW EAGLE 代码问题漏洞

WTW EAGLE is a companion program for wirelessly connected cameras from WTW Argentina. A code issue vulnerability exists in WTW EAGLE version 3.0.8.0, which stems from a DLL search path issue that could lead to the execution of arbitrary code...

CVE-2025-60595

CVE-2025-60595 affects SPH Engineering UgCS 5.13.0 and enables arbitrary code execution. The included metrics indicate a network-exposed, low-Complexity attack with no privileges required and no user interaction, resulting in high integrity impact and low confidentiality impact. The sources confi...

Razer Synapse 3 后置链接漏洞

Razer Synapse 3 is a software application from Razer, Inc. cloud-based unified hardware configuration tool. Razer Synapse 3 suffers from a backlink vulnerability that stems from Razer Synapse Service allowing the creation of symbolic links, which could lead to local elevation of privilege and...

[SECURITY] [DSA 6043-1] gimp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6043-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 28, 2025 https://www.debian.org/security/faq -...

Deserialization Of Untrusted Data

h2o is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to improper handling of JDBC connection parameters with insufficient input validation, which allows an attacker to bypass regular expression checks using double URL encoding and subsequently read arbitrary files or...

libtiff: Libtiff Write-What-Where

A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controll...