📄 macOS 10.12.2 XNU Kernel Race Condition

This proof of concept code demonstrates a race condition observed in the setdpcontrolport function within XNU kernel versions prior to macOS 10.12.2 and iOS 10.2...

CVE-2023-43771

In nqptp-message-handlers.c in nqptp before 1.2.3, crafted packets received on the control port could crash the program...

EUVD-2025-199001

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware used by many white-labeled DVR/NVR/IPC products versions prior to 1.3.4 contain an authentication bypass in the NVMS-9000 control protocol. By sending a single crafted TCP payload to an exposed NVMS-9000 control port, an unauthenticated...

CVE-2024-14007

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware used by many white-labeled DVR/NVR/IPC products versions prior to 1.3.4 contain an authentication bypass in the NVMS-9000 control protocol. By sending a single crafted TCP payload to an exposed NVMS-9000 control port, an unauthenticated...

CVE-2024-14007 TVT NVMS-9000 < 1.3.4 Unauthenticated Administrative Queries & Information Disclosure

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware used by many white-labeled DVR/NVR/IPC products versions prior to 1.3.4 contain an authentication bypass in the NVMS-9000 control protocol. By sending a single crafted TCP payload to an exposed NVMS-9000 control port, an unauthenticated...

CVE-2024-14007

The CVE-2024-14007 entry documents an authentication bypass in Shenzhen TVT NVMS-9000 firmware prior to 1.3.4. An unauthenticated remote attacker can send a crafted TCP payload to the exposed NVMS-9000 control port to invoke privileged administrative queries (e.g., queryBasicCfg, queryUserList, q...

PT-2025-47959

Name of the Vulnerable Software and Affected Versions Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware versions prior to 1.3.4 Description The NVMS-9000 firmware contains a flaw that allows unauthorized remote access. An attacker can send a specially crafted TCP payload to the NVMS-90...

EUVD-2017-7113

Malware in sbrugna...

EUVD-2003-0550

Malware in sbrugna...

EUVD-2017-7116

Malware in sbrugna...

EUVD-2023-48148

Malicious code in bioql PyPI...

SUSE CVE-2023-43771

In nqptp-message-handlers.c in nqptp before 1.2.3, crafted packets received on the control port could crash the program...

CVE-2023-43771

In nqptp-message-handlers.c in nqptp before 1.2.3, crafted packets received on the control port could crash the program...

CVE-2023-43771

In nqptp-message-handlers.c in nqptp before 1.2.3, crafted packets received on the control port could crash the program...

CVE-2023-43771

In nqptp-message-handlers.c in nqptp before 1.2.3, crafted packets received on the control port could crash the program...

CVE-2023-43771

Summary: CVE-2023-43771 affects the nqptp project. In nqptp before 1.2.3, crafted packets received on the control port could crash the program via nqptp-message-handlers.c. The Red Hat, SUSE, and OSV entries confirm the component and file involved and reference updates. Affected software: nqptp p...

CVE-2023-43771

In nqptp-message-handlers.c in nqptp before 1.2.3, crafted packets received on the control port could crash the program...

NQPTP Resource Management Error Vulnerability

NQPTP is a daemon that monitors timing data from PTP clocks on ports 319 and 320. It maintains a record of a clock, identified by its clock ID. A security vulnerability exists in NQPTP versions prior to 1.2.3, which stems from a security issue in nqptp-message-handlers.c. A carefully crafted pack...

PT-2023-28975 · Nqptp · Nqptp

Name of the Vulnerable Software and Affected Versions: nqptp versions prior to 1.2.3 Description: The issue arises from crafted packets received on the control port, which could cause the program to crash. This occurs in the nqptp-message-handlers.c file. Recommendations: For versions prior to...

kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak

The Linux kernel's TCP source port generation algorithm in the TCP stack contains a flaw due to the small table perturb size. This flaw allows an attacker to positively distinguish a system among devices with identical hardware and software, which lasts until the device restarts. An attacker can...