CVE-2025-3857

Summary: A vulnerability in Amazon.IonDotnet’s RawBinaryReader can cause an infinite loop when reading binary Ion data if the input is malformed or truncated, due to not checking the number of bytes read from the underlying stream. This could lead to denial of service. Affected versions: Amazon.I...

Bytesrevealer - Online Reverse Enginerring Viewer

Bytes Revealer is a powerful reverse engineering and binary analysis tool designed for security researchers, forensic analysts, and developers. With features like hex view, visual representation, string extraction, entropy calculation, and file signature detection, it helps users uncover hidden...

[SECURITY] Fedora 40 Update: uv-0.6.14-3.fc40

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

Yi IOT XY-3820 安全漏洞

Yi IOT XY-3820 is a wireless security camera from Yi IOT. A security vulnerability exists in the Yi IOT XY-3820 version 6.0.24.10, which stems from the cmdlisten function in the cmd binary being vulnerable to remote command execution attacks...

PT-2025-17440 · Yi · Yi Iot Xy-3820

Name of the Vulnerable Software and Affected Versions: Yi IOT XY-3820 version 6.0.24.10 Description: The issue concerns a Remote Command Execution vulnerability via the cmd listen function located in the cmd binary. This allows for unauthorized execution of commands, potentially leading to a full...

ion-dotnet 安全漏洞

ion-dotnet is an A.NET implementation of Amazon Ion by amazon-ion open source. A security vulnerability exists in ion-dotnet versions prior to 1.3.1 that stems from the RawBinaryReader class not checking the number of bytes read, which could lead to an infinite loop and denial of service...

CVE-2025-29659

CVE-2025-29659 affects Yi IOT XY-3820, version 6.0.24.10. The vulnerability is a Remote Command Execution via the cmd_listen function in the cmd binary, with network access and no user interaction required (CVSS v3.1: 9.8, Critical). The reports do not specify a fixed version; a workaround sugges...

GHSA-9G64-R942-FVMP Apache ActiveMQ NMS OpenWire Client Deserialization of Untrusted Data vulnerability

Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious...

CVE-2025-29953

Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious...

CVE-2025-29953

Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious...

CVE-2025-29953 Apache ActiveMQ NMS OpenWire Client: deserialization allowlist bypass

Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious...

CVE-2025-29953

Apache ActiveMQ NMS OpenWire Client (before 2.1.1) is affected by a Deserialization of Untrusted Data vulnerability. Untrusted servers can abuse unbounded deserialization to potentially achieve arbitrary code execution on the client. A 2.1.0 denial/allowlist feature was introduced but could be by...

Dell Trusted Device Installed (Windows)

Binary data delltrusteddevicewininstalled.nbin...

Erlang/OTP SSH Application Detection

Binary data erlangotpsshdetect.nbin...

Towards Stateless Clients in Ethereum: Benchmarking Verkle Trees and Binary Merkle Trees with SNARKs

Ethereum, the leading platform for decentralized applications, faces challenges in maintaining decentralization due to the significant hardware requirements for validators to store Ethereum's entire state. To address this, the concept of stateless clients is under exploration, enabling validators...

Cisco Webex App Installed (macOS)

Binary data ciscowebexappmacinstalled.nbin...

Attack-Defense Trees with Offensive and Defensive Attributes (With Appendix)

Effective risk management in cybersecurity requires a thorough understanding of the interplay between attacker capabilities and defense strategies. Attack-Defense Trees ADTs are a commonly used methodology for representing this interplay; however, previous work in this domain has only focused on...

Exploit for CVE-2025-26244

CVE-2025-26244-POC The code to exploit this vulnerability can...

CVE-2025-3693

A vulnerability was found in Tenda W12 3.0.0.5. It has been rated as critical. Affected by this issue is the function cgiWifiRadioSet of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public an...

Apple iOS < 18.4.1 Multiple Vulnerabilities (122282)

Binary data appleios1841check.nbin...