31210 matches found
CVE-2023-53715
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It seems there was a simple way of passing it in binary all along, so use...
DEBIAN-CVE-2023-53715
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It seems there was a simple way of passing it in binary all along, so use...
UBUNTU-CVE-2023-53715
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It seems there was a simple way of passing it in binary all along, so use...
CVE-2023-53715
CVE-2023-53715: In the Linux kernel wifi/brcmfmac cfg80211 path, the passphrase PMK is now passed in binary instead of hex to accommodate newer chips/firmware (e.g., BCM4387). The fix also clears the structure before setting the PMK to prevent leaking uninitialized stack contents to the device. O...
CVE-2025-10639
The WorkExaminer Professional server installation comes with an FTP server that is used to receive the client logs on TCP port 12304. An attacker with network access to this port can use weak hardcoded credentials to login to the FTP server and modify or read data, log files and gain remote code...
offsec
Offensive Security - Parcours en sécurité offensive !Difficu...
MAL-2025-48568 Malicious code in mender-binary-delta (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3acd5fd0dbb470fbbeb432988f6b61ba77541759f80b2ebd98150b3183ee8a2a Any computer that has this package installed or running should be considered...
Malicious code in mender-binary-delta (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3acd5fd0dbb470fbbeb432988f6b61ba77541759f80b2ebd98150b3183ee8a2a Any computer that has this package installed or running should be considered...
mirror_sparse_matrix (>=0.1.1 <=0.1.17) potentially affected by unknown CVE via binary_vec_io (=0.1.12)
binaryvecio CARGO version =0.1.12 is affected by a known vulnerability. The following packages have a transitive dependency on binaryvecio and may be impacted: - mirrorsparsematrix =0.1.1, =0.1.17 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0109...
Out-of-bounds memory access in binary_read_to_ref and binary_write_from_ref
Safe functions accept a single &T or &mut T but multiply by n to create slices extending beyond allocated memory when n 1. These functions use fromrawparts to create slices larger than the underlying allocation, violating memory safety. The binaryvecio repository is archived and unmaintained...
WordPress Binary MLM Plan plugin elevation of privilege vulnerability
WordPress Binary MLM Plan plugin is a WordPress plugin designed for network marketing, mainly used to simplify the operational process of multi-level marketing MLM business. WordPress Binary MLM Plan plugin suffers from an elevation of privilege vulnerability that stems from the bmpuser role...
Delta Electronics DIAView WebHMI Detection
Binary data deltaelectronicsdiaviewwebhmidetect.nbin...
Dassault Systemes DELMIA Apriso Installed (Windows)
Binary data dassaultsystemesdelmiaapriso.nbin...
📄 Microsoft Windows Server Update Services Remote Code Execution
This is a proof of concept exploit for Microsoft Windows Server Update Services that leverages an unsafe deserialization of untrusted data in WSUS's AuthorizationCookie handling. This file demonstrates payload generation in C. using System; using System.IO; using System.Security.Cryptography; usi...
CVE-2025-11895
The Binary MLM Plan plugin for WordPress is vulnerable to insecure direct object reference in versions up to, and including, 5.0. This is due to the bmpuserpayoutdetailofcurrentuser function selecting payout records solely by id without verifying ownership. This makes it possible for authenticate...
Command Injection
Hoverfly is vulnerable to Command Injection. The vulnerability is due to improper input validation in the middleware endpoint due to the binary and script parameters being passed directly into a system without sanitization. This allows an attacker to supply crafted values for those parameters to...
CVE-2025-11895
The Binary MLM Plan plugin for WordPress is vulnerable to insecure direct object reference in versions up to, and including, 5.0. This is due to the bmpuserpayoutdetailofcurrentuser function selecting payout records solely by id without verifying ownership. This makes it possible for authenticate...
CVE-2025-11895 Binary MLM Plan <= 5.0 - Authenticated (Subscriber+) Insecure Direct Object Reference
The Binary MLM Plan plugin for WordPress is vulnerable to insecure direct object reference in versions up to, and including, 5.0. This is due to the bmpuserpayoutdetailofcurrentuser function selecting payout records solely by id without verifying ownership. This makes it possible for authenticate...
CVE-2025-11895 Binary MLM Plan <= 5.0 - Authenticated (Subscriber+) Insecure Direct Object Reference
The Binary MLM Plan plugin for WordPress is vulnerable to insecure direct object reference in versions up to, and including, 5.0. This is due to the bmpuserpayoutdetailofcurrentuser function selecting payout records solely by id without verifying ownership. This makes it possible for authenticate...
CVE-2025-11895
The CVE-2025-11895 vulnerability affects Binary MLM Plan (WordPress) versions