39 matches found
GHSA-Q98M-7W8C-W388 Kyverno policy-reporter-ui has XSS via Stored Property Values in PropertyCard Component
Summary: Vue 3's v-html directive is the framework-documented mechanism for injecting raw HTML, and it intentionally disables the auto-escaping that interpolation provides. The PropertyCard.vue component uses v-html for the else branch of the URL check, meaning any non-URL string value flows...
DEBIAN-CVE-2025-66037
OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, feeding a crafted input to the fuzz_pkcs15_reader harness causes OpenSC to perform an out-of-bounds heap read in the X.509/SPKI handling path. Specifically, sc_pkcs15_pubkey_from_spki_fields allocates a zero-length buffer...
CVE-2026-32757
Admidio is an open-source user management solution. In versions 5.0.6 and below, the eCard send handler uses a raw $_POST['ecard_message'] value instead of the HTMLPurifier-sanitized $formValues['ecard_message'] when constructing the greeting card HTML. This allows an authenticated attacker to inject...
CVE-2018-12258
An issue was discovered on Momentum Axel 720P 5.1.8 devices. Custom Firmware Upgrade is possible via an SD Card. With physical access, an attacker can upgrade the firmware in under 60 seconds by inserting an SD card containing the firmware with name 'ezviz.dav' and rebooting...
CVE-2019-12919
On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the local network has unauthenticated access to the internal SD card via the HTTP service on port 8000. The HTTP web server on the camera allows anyone to view or download the video archive recorded and saved o...
@oku-ui/primitives (>=0.4.0 <=0.6.1) potentially affected by unknown CVE via @oku-ui/hover-card (=0.6.1)
@oku-ui/hover-card NPM version =0.6.1 is affected by a known vulnerability. The following packages have a transitive dependency on @oku-ui/hover-card and may be impacted: @oku-ui/primitives >=0.4.0, <=0.6.1. Source CVEs: unknown CVE. Source advisory: OSV:MAL-2025-191259...
EUVD-2019-6921
Malware in sbrugna...
EUVD-2019-7145
Malware in sbrugna...
EUVD-2017-9269
Malware in sbrugna...
EUVD-2015-2075
Malware in sbrugna...
EUVD-2021-30980
Malicious code in bioql PyPI...
EUVD-2025-17315
Malicious code in bioql PyPI...
PT-2025-31105 · Unknown · Marbella Kr8S Dashcam
Name of the Vulnerable Software and Affected Versions: Marbella KR8s Dashcam FF version 2.0.8 Description: An issue exists where the existing password is written in cleartext onto a newly inserted SD card. An attacker with temporary physical access to the device can steal the password by swapping...
CVE-2023-41818
An improper use of the SD card for sensitive data vulnerability was reported in the Motorola Device Help application that could allow a local attacker to read system logs...
CVE-2021-3615
A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow code execution if a specific file exists on the attached SD card. This vulnerability is the same as CNVD-2021-45262...
CVE-2020-18329
An issue was discovered in Rehau devices that use a pCOWeb card (BIOS v6.27, BOOT v5.00, web version v2.2) that allows attackers to gain full unauthenticated access to the configuration and service interface...
CVE-2013-1176
The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before 4.3(2.30), TelePresence MCU MSE 8510 devices before 4.3(2.30), and TelePresence Server before 2.3(1.55) does not properly validate H.264 data, which allows remote attackers to cause a denial of service (device reload) via crafted RTP...
CVE-2019-16398
On Keeper K5 20.1.0.25 and 20.1.0.63 devices, remote code execution can occur by inserting an SD card containing a file named zskj_script_run.sh that executes a reverse shell...
CVE-2025-25650
An issue in the storage of NFC card data in Dorset DG 201 Digital Lock H5433WBSKv2.2220605 allows attackers to produce cloned NFC cards to bypass authentication...