CVE-2025-63296

CVE-2025-63296 affects the KERUI K259 5MP Wi‑Fi / Tuya Smart Security Camera (firmware v33.53.87). The issue is a code execution vulnerability in the bootstrap/update path: during startup, /usr/sbin/anyka_service.sh scans mounted TF/SD cards; if /mnt/update.nor.sh is found, it copies it to /tmp/n...

EUVD-2025-25798

Malicious code in bioql PyPI...

CVE-2025-20314

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to an affected device to execute persistent code at boot time and break the chain of trust. This vulnerability is due to improper...

PT-2025-34111 · Undefined · Undefined

Foxit PDF Reader 4.3.1.0218 exposes a JavaScript API function, createDataObject, that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into privileged folders, leading to code...

GNU GRUB 缓冲区错误漏洞

GNU GRUB is a Linux system boot program from the GNU community. A buffer overflow vulnerability exists in GRUB. The vulnerability stems from the fs/hfs module containing an integer overflow issue that results in heap-based out-of-bounds writes. An attacker can exploit this vulnerability to execut...

CVE-2022-20731

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...

Samsung Mobile Device Arbitrary Code Execution Vulnerability

Samsung mobile devices are smart mobile devices manufactured by Samsung in South Korea.Android L, M, and N are a set of different versions of the Linux-based open source operating system developed by Google and the Open Handset Alliance OHA.Exynos Exynos chipsets are processors designed and...