CVE-2025-53477 Apache Mynewt NimBLE: NULL Pointer Dereference in NimBLE host HCI layer

NULL Pointer Dereference vulnerability in Apache Nimble. Missing validation of HCI connection complete or HCI command TX buffer could lead to NULL pointer dereference. This issue requires disabled asserts and broken or bogus Bluetooth controller and thus severity is considered low. This issue...

EUVD-2026-1853

NULL Pointer Dereference vulnerability in Apache Nimble. Missing validation of HCI connection complete or HCI command TX buffer could lead to NULL pointer dereference. This issue requires disabled asserts and broken or bogus Bluetooth controller and thus severity is considered low. This issue...

CVE-2025-15502 Sangfor Operation and Maintenance Management System session SessionController os command injection

A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.8. The affected element is the function SessionController of the file /isomp-protocol/protocol/session. Such manipulation of the argument Hostname leads to os command injection. The attack can be...

CVE-2025-15502

The CVE-2025-15502 entry affects Sangfor Operation and Maintenance Management System up to version 3.0.8. The vulnerability lies in the SessionController function at /isomp-protocol/protocol/session, where manipulating the Hostname argument enables OS command injection. It is exploitable remotely...

XXE

Install dependencies npm init -y npm install e...

PT-2026-1779

Name of the Vulnerable Software and Affected Versions Sangfor Operation and Maintenance Management System versions up to 3.0.8 Description A remote OS command injection issue exists in the SessionController function within the /isomp-protocol/protocol/session file of the software. Manipulation of...

PT-2026-1816

Name of the Vulnerable Software and Affected Versions Apache NimBLE versions through 1.8.0 Description A flaw exists in Apache NimBLE where missing validation of an HCI connection complete or HCI command TX buffer can result in a NULL pointer dereference. This issue requires disabled asserts and ...

Apache NimBLE 缓冲区错误漏洞

Apache NimBLE is an open source Bluetooth 5.4 stack host and controller from the Apache Foundation, USA, that completely replaces the proprietary SoftDevice on Nordic chipsets.It is part of the Apache Mynewt project. A buffer error vulnerability exists in Apache NimBLE 1.8 and earlier versions,...

PT-2026-1815

Name of the Vulnerable Software and Affected Versions Apache NimBLE versions through 1.8 Description An out-of-bounds read issue exists in the Apache NimBLE HCI H4 driver. A specially crafted HCI event can cause an invalid memory read within the H4 driver. The issue is considered low severity as ...

CVE-2025-69425 Ruckus vRIoT IoT Controller < 3.0.0.0 Hardcoded Tokens RCE

The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 GA expose a command execution service on TCP port 2004 running with root privileges. Authentication to this service relies on a hardcoded Time-based One-Time Password TOTP secret and an embedded static token. An attacker who...

CVE-2025-69425

The CVE-2025-69425 entry affects Ruckus vRIoT IoT Controller firmware before 3.0.0.0 (GA). A command execution service on TCP port 2004 runs with root privileges, authenticated by a hardcoded TOTP secret and an embedded static token. Exploitation requires credential extraction from the appliance ...

CVE-2005-1784

Hosting Controller 6.1 HotFix 2.0 and earlier allows remote attackers to steal passwords and gain privileges via a modified emailaddress parameter in an updateprofile action for UserProfile.asp...

CVE-2023-4341

Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI...

CVE-2023-4332

Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file...

CVE-2023-4323

Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup...

CVE-2023-4325

Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities...

CVE-2023-4343

Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter...

CVE-2023-4334

Broadcom RAID Controller Web server nginx is serving private files without any authentication...

CVE-2023-4329

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute...

CVE-2023-4338

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers...