66 matches found
Security Advisory 0139
Security Advisory 0139 PDF Date: May 19, 2026 Revision | Date | Changes ---|---|--- 1.0 | May 19, 2026 | Initial release The CVE-ID tracking this issue: CVE-2025-49844 CVSSv3.1 Base Score: 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSSv4.0 Base Score: 9.4...
CVE-2026-2563
A vulnerability was identified in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. Affected is the function setstcreenendeabledstatus/getstatus of the file /f/service/controlDevice of the component jdcapprpc. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the...
PT-2026-6743
SecurOS Enterprise 10.2 contains an unquoted service path vulnerability in the SecurosCtrlService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:Program Files x86ISSSecurOS to insert malicious code that would execute with...
EUVD-2005-3034
Malware in sbrugna...
EUVD-1999-1492
Malware in sbrugna...
EUVD-2005-3035
Malware in sbrugna...
EUVD-2021-1841
Malware in sbrugna...
EUVD-2024-32842
Malicious code in bioql PyPI...
PT-2025-37050
Name of the Vulnerable Software and Affected Versions: litmusautomation litmus-mcp-server versions through 0.0.1 Description: An issue allows unauthorized attackers to control the target's MCP service through the SSE Server-Sent Events protocol. Recommendations: At the moment, there is no...
CVE-2005-3035
Compuware DriverStudio Remote Control service DSRsvc.exe 2.7 and 3.0 beta 2 allows remote attackers to cause a denial of service reboot via a UDP packet sent directly to port 9110...
CVE-2005-3034
Compuware DriverStudio Remote Control service DSRsvc.exe 2.7 and 3.0 beta 2 allows remote attackers to bypass authentication via a null session...
CVE-2024-56317
In Matter aka connectedhomeip or Project CHIP through 1.4.0.0, the WriteAcl function deletes all existing ACL entries first, and then attempts to recreate them based on user input. If input validation fails during decoding, the process stops, and no entries are restored by...
PLANET switch devices 加密问题漏洞
PLANET switch devices are a series of switch devices from PLANET Corporation in China. PLANET switch devices suffers from an encryption issue vulnerability, which arises from the authentication token used when communicating with the swctrl service as an encoded user password, which is not strong...
PLANET switch devices 资源管理错误漏洞
PLANET switch devices are a series of switch devices from PLANET China. A resource management error vulnerability exists in PLANET switch devices, which stems from a denial of service vulnerability in the swctrl service that allows an unauthenticated, remote attacker to send crafted packets causi...
Longse NVR Security Vulnerability
Longse NVR is a series of network video recorders from China-based Longse Technology Longse. A security vulnerability exists in the Longse NVR that stems from transmitting a user's login and password to a remote control service without the use of any encryption, allowing an attacker to eavesdrop ...
LoLLMs Cross-Site Request Forgery Vulnerability
LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. A cross-site request forgery vulnerability exists in LoLLMs version 9.6 and prior versions, which stems from a lack of cross-site request forgery protection in the Elastic Search Service, XTTS...
CVE-2024-4292
A vulnerability classified as critical has been found in Contemporary Controls BASrouter BACnet BASRT-B 2.7.2. Affected is an unknown function of the component Device-Communication-Control Service. The manipulation with the input 55ff0500370015f30104025506110afb7519035d0841e4bece257b6acfc71f lead...
CVE-2024-4292 Contemporary Controls BASrouter BACnet BASRT-B Device-Communication-Control Service denial of service
A vulnerability classified as critical has been found in Contemporary Controls BASrouter BACnet BASRT-B 2.7.2. Affected is an unknown function of the component Device-Communication-Control Service. The manipulation with the input 55ff0500370015f30104025506110afb7519035d0841e4bece257b6acfc71f lead...
CVE-2024-4292 Contemporary Controls BASrouter BACnet BASRT-B Device-Communication-Control Service denial of service
A vulnerability classified as critical has been found in Contemporary Controls BASrouter BACnet BASRT-B 2.7.2. Affected is an unknown function of the component Device-Communication-Control Service. The manipulation with the input 55ff0500370015f30104025506110afb7519035d0841e4bece257b6acfc71f lead...
kernel: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes A bad USB device is able to construct a service connection response message with target endpoint being ENDPOINT0 which is reserved for HTCCTRLRSVDSVC and should not be...