PT-2026-5486
Name of the Vulnerable Software and Affected Versions: Frigate version 3.36.0.9. Description: Frigate version 3.36.0.9 contains a local buffer overflow in the Command Line input field. An attacker can exploit this to execute arbitrary code by crafting a malicious payload that overflows the buffer,...
PT-2026-5479
Name of the Vulnerable Software and Affected Versions: Frigate version 2.02. Description: The application is susceptible to a denial of service condition. An attacker can cause the application to crash by providing excessively large input to the command line interface. Specifically, a payload...
Frigate security vulnerabilities
Frigate is a complete native NVR designed by Blake Blackshear for home assistants with AI object detection capabilities. Version 3.36.0.9 of Frigate contains a security vulnerability, which stems from a local buffer overflow in the command line input field, potentially allowing arbitrary code to ...
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 19, 2026 to January 25, 2026)
Did you know Wordfence runs a Bug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...
CVE-2025-7714
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Global Interactive Design Media Software Inc. Content Management System CMS allows Command Line Execution through SQL Injection. This issue affects Content Management System CMS: through 21072025...
CVE-2025-7714
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Global Interactive Design Media Software Inc. Content Management System CMS allows Command Line Execution through SQL Injection. This issue affects Content Management System CMS: through 21072025...
CVE-2025-7714 Time Based SQLi in Global Medya's PHP CMS
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Global Interactive Design Media Software Inc. Content Management System CMS allows Command Line Execution through SQL Injection. This issue affects Content Management System CMS: through 21072025...
EUVD-2025-206547
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Global Interactive Design Media Software Inc. Content Management System CMS allows Command Line Execution through SQL Injection. This issue affects Content Management System CMS: through 21072025...
CVE-2025-7714
The CVE-2025-7714 entry concerns an SQL Injection vulnerability in Global Interactive Design Media Software Inc. Content Management System (CMS) that allows Command Line Execution via improper neutralization of special elements in SQL commands. The description indicates the issue affects the CMS ...
PT-2026-5303
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Global Interactive Design Media Software Inc. Content Management System CMS allows Command Line Execution through SQL Injection. This issue affects Content Management System CMS: through 21072025...
[SECURITY] Fedora 42 Update: curl-8.11.1-7.fc42
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
ALPINE-CVE-2025-15469
Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...
CVE-2025-15469
Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...
CVE-2025-15469 'openssl dgst' one-shot codepath silently truncates inputs >16MB
Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...
EUVD-2025-206399
Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...
CVE-2025-59104
With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...
Exploit for CVE-2025-36911
WhisperPair Python CLI Fast Pair CVE-2025-36911 Exploit To...