14 matches found
EUVD-2015-1712
Malware in sbrugna...
EUVD-2013-3426
Malware in sbrugna...
EUVD-2023-35492
Malicious code in bioql PyPI...
EUVD-2022-5749
Malicious code in bioql PyPI...
EUVD-2022-27386
Malicious code in bioql PyPI...
CVE-2025-20262
CVE-2025-20262 affects Cisco Nexus 3000/9000 NX-OS standalone in PIM6. The issue arises from improper processing of PIM6 ephemeral data queries, allowing an authenticated, low-privileged remote attacker to crash the PIM6 process and cause DoS via adjacency flaps and DoS of PIM6/ephemeral query pr...
CVE-2025-8638
Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...
EUVD-2025-20262
Marvell QConvergeConsole compressDriverFiles Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability...
CVE-2024-12847 NETGEAR DGN setup.cgi OS Command Injection
NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited ...
CVE-2017-16336
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...
CVE-2021-35472
An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to authorization bypass or spoofing. By running a loop that makes many authentication attempts, an attacker might alternately be authenticated as one of two different users...
CVE-2021-20786
Cross-site request forgery CSRF vulnerability in GroupSession GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and GroupSession ZION from ver3.0.3 to the version prior to ver5.1.0 allows a remote attacke...
V3 Chat Instant Messenger - mycontacts.php membername Arbitrary User Buddy List Manipulation
No description provided by source. source: http://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker...
CVE-2005-0198
A logic error in the CRAM-MD5 code for the University of Washington IMAP UW-IMAP server, when Challenge-Response Authentication Mechanism with MD5 CRAM-MD5 is enabled, does not properly enforce all the required conditions for successful authentication, which allows remote attackers to authenticat...