ABB M2M Gateway Man-in-the-Middle in embedded OpenSSH (CVE-2023-48795)

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...

International Components for Unicode（icu） 安全漏洞

International Components for Unicode icu is a set of mature and widely used C/C++ and Java libraries open-sourced by The Unicode Consortium to provide Unicode and globalization support for software applications. A security vulnerability exists in International Components for Unicode icu version...

NVIDIA CUDA toolkit 安全漏洞

NVIDIA CUDA toolkit is a toolkit from NVIDIA, Inc. It provides a development environment for creating high-performance GPU-accelerated applications. The NVIDIA CUDA toolkit suffers from a buffer overflow vulnerability that stems from the cuobjdump binary not checking the buffer length, which can ...

Semantic-Preserving Adversarial Attacks on LLMs: an Adaptive Greedy Binary Search Approach

Large Language Models LLMs increasingly rely on automatic prompt engineering in graphical user interfaces GUIs to refine user inputs and enhance response accuracy. However, the diversity of user requirements often leads to unintended misinterpretations, where automated optimizations distort...

CVE-2025-47671

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LETSCMS MLM Software Binary MLM Plan binary-mlm-plan allows SQL Injection.This issue affects Binary MLM Plan: from n/a through = 3.0...

ABB Cylon Aspect Studio 3.08.03 - Binary Planting

Exploit Title: ABB Cylon Aspect Studio 3.08.03 - Binary Planting Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: type project P R O J E C T .| | | |'| . | | |. |' .---"| .-' '-. | | .--'| || | | | .-'| .| | || '- | | | || | |' | |. | || | | | | || | | '-' ' "" '-' '-.'...

CVE-2024-13946

DLL's are not digitally signed when loaded in ASPECT's configuration toolset exposing the application to binary planting during device commissioning.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

CVE-2025-47671

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LETSCMS MLM Software Binary MLM Plan binary-mlm-plan allows SQL Injection.This issue affects Binary MLM Plan: from n/a through = 3.0...

CVE-2025-47671 WordPress Binary MLM Plan plugin <= 3.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LETSCMS MLM Software Binary MLM Plan binary-mlm-plan allows SQL Injection.This issue affects Binary MLM Plan: from n/a through = 3.0...

CVE-2025-47671 WordPress Binary MLM Plan <= 3.0 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LETSCMS MLM Software Binary MLM Plan allows SQL Injection. This issue affects Binary MLM Plan: from n/a through 3.0...

CVE-2025-47671

CVE-2025-47671 : WordPress Binary MLM Plan plugin

CVE-2024-45415

The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in checkdataintegrity function. This function is responsible for validating the checksum of data in post request. The checksum is sent encrypted in the request, the function decrypts it and stores the checksu...

CVE-2024-45414

The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in webPrivateDecrypt function. This function is responsible for decrypting RSA encrypted ciphertext, the encrypted data is supplied base64 encoded. The decoded ciphertext is stored on the stack without checki...

CVE-2024-38531

Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can assu...

CVE-2024-12384

The Binary MLM Woocommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page’ parameter in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

CVE-2024-38443

C/sorting/binaryinsertionsort.c in The Algorithms - C through e5dad3f has a segmentation fault for deep recursion, which may affect common use cases such as sorting an array of 50 elements...

CVE-2024-36586

An issue in AdGuardHome v0.93 to latest allows unprivileged attackers to escalate privileges via overwriting the AdGuardHome binary...

CVE-2024-38462

iRODS before 4.3.2 provides an msiSendMail function with a problematic dependency on the mail binary, such as in the mailMS.cppL94-L106 reference...

CVE-2024-23684

Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation CBOR versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use...

CVE-2024-32517

Missing Authorization vulnerability in WooCommerce & WordPress Tutorials Custom Thank You Page Customize For WooCommerce by Binary Carpenter.This issue affects Custom Thank You Page Customize For WooCommerce by Binary Carpenter: from n/a through 1.4.12...