[SECURITY] Fedora 43 Update: imhex-1.37.4-3.fc43

ImHex is a Hex Editor, a tool to display, decode and analyze binary data to reverse engineer their format, extract informations or patch values in them. What makes ImHex special is that it has many advanced features that can often only be found in paid applications. Such features are a completely...

Microsoft Windows 10 22H2 ESU Status Check

Binary data wmiwin1022h2esustatus.nbin...

Apache Commons FileUpload JAR Detection

Binary data apachecommonsfileuploadjardetect.nbin...

GHSA-4R66-7RCV-X46X SiYuan vulnerable to RCE via zip slip and Command Injection via PandocBin

Summary Siyuan is vulnerable to RCE. The issue stems from a "Zip Slip" vulnerability during zip file extraction, combined with the ability to overwrite system executables and subsequently trigger their execution. Steps to reproduce 1. Authenticate 2. Create zip slip payload with path traversal...

SiYuan vulnerable to RCE via zip slip and Command Injection via PandocBin

Summary Siyuan is vulnerable to RCE. The issue stems from a "Zip Slip" vulnerability during zip file extraction, combined with the ability to overwrite system executables and subsequently trigger their execution. Steps to reproduce 1. Authenticate 2. Create zip slip payload with path traversal...

Progress Telerik Document Processing Libraries Installed (Windows)

Binary data progresstelerikdocumentprocessinglibrarieswininstalled.nbin...

BIT-MONGODB-2025-13507 Time-series operations may cause internal BSON size limit to be exceed

Inconsistent object size validation in time series processing logic may result in later processing of oversized BSON documents leading to an assert failing and process termination. This issue impacts MongoDB Server v7.0 versions prior to 7.0.26, v8.0 versions prior to 8.0.16 and MongoDB server v8...

BloodFang

🩸 BloodFang !Versionhttps://img.shields.io/badge/version-1...

rConfig WebUI Detection

Binary data rconfigservicedetect.nbin...

CVE-2025-57199

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

Improper Check for Unusual or Exceptional Conditions

Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the HTTPAPIServer::GetContentLength function in the HTTP server...

Improper Validation of Specified Quantity in Input

Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input n the EVBufferToJson function in the HTTP server component. An...

Exploit for CVE-2024-32019

The ndsudo vulnerability allows an attacker to gain root permiss...

CVE-2025-57199

The CVE-2025-57199 entry concerns AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003, where an authenticated command injection vulnerability exists in the NetFailDetectD binary. The Red Hat and NVD records describe an authenticated command injection that lets an attacker execute arbi...

CVE-2025-57199

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

CVE-2025-57199

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

Oracle Linux 10 : ELSA-2025-20478-0: / zziplib (ELSA-2025-204780)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-204780 advisory. 0.13.78-2 - Fix directory traversal in unzip binary - Disable the CVE tests during the check phase - the reproducers for these are downloaded from the github...

FreeBSD : MongoDB -- Reachable Assertion (e72ec9c1-ced4-11f0-a958-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e72ec9c1-ced4-11f0-a958-b42e991fc52e advisory. https://jira.mongodb.org/browse/SERVER-101180 reports: MongoDB Server may experience an invariant failu...

FreeBSD : MongoDB -- Improper Validation of Specified Quantity in Input (ea64d2ec-ced4-11f0-a958-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ea64d2ec-ced4-11f0-a958-b42e991fc52e advisory. https://jira.mongodb.org/browse/SERVER-108565 reports: Inconsistent object size validation in time seri...

Malicious code in pulsecord (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 025d4e33a2037fb9ad36cb4b08b122e4439bb4932b73ac6c6f403609e7e1c09e This package is prepared for silent execution of a malicious executable, with disabling AV protection. While there is no link to the malicious binary inside, t...