PT-2026-32485

Name of the Vulnerable Software and Affected Versions AC800M System 800xA versions 6.0.0x through 6.0.0303.0 AC800M System 800xA versions 6.1.0x through 6.1.0031.0 AC800M System 800xA versions 6.1.1x through 6.1.1202.0 AC800M System 800xA versions 6.2.0x through 6.2.0006.0 Symphony Plus SD Series...

CVE-2025-70304

A buffer overflow in the vobsubgetsubpicduration function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted packet...

EUVD-2021-20027

Malware in sbrugna...

EUVD-2020-22101

Malware in sbrugna...

EUVD-2012-3993

Malware in sbrugna...

Ollama allows deletion of arbitrary files

An issue in Ollama v0.1.33 allows attackers to delete arbitrary files via sending a crafted packet to the endpoint /api/pull...

CVE-2019-5179

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file...

GHSA-C86P-W88R-QVQR Duplicate Advisory: ring has some AES functions that may panic when overflow checking is enabled in

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4p46-pwfr-66x6. This link is maintained to preserve external references. Original Description A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC...

Dahua NVR 安全漏洞

Dahua NVR is a series of network video recorders from Dahua China. A security vulnerability exists in the Dahua NVR4XXX. An attacker can send a carefully constructed packet to the vulnerable interface, causing the device to crash...

vditor Security Vulnerabilities

Vditor is a browser-side Markdown editor by the individual developer Vanessa219. A security vulnerability exists in vditor 3.9.8 and earlier versions, which stems from vulnerability to reading arbitrary files via a crafted packet...

Input validation

Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to...

kernel: Heap address information leak while using L2CAP_GET_CONF_OPT

A flaw was found in the Linux kernel's implementation of Logical Link Control and Adaptation Protocol L2CAP, part of the Bluetooth stack. An attacker, within the range of standard Bluetooth transmissions, can create and send a specially crafted packet. The response to this specially crafted packe...

CVE-2016-5354

The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service application crash via a crafted packet...

ntp: missing check for zero originate timestamp

It was discovered that ntpd as a client did not correctly check the originate timestamp in received packets. A remote attacker could use this flaw to send a crafted packet to an ntpd client that would effectively disable synchronization with the server, or push arbitrary offset/delay measurements...

UBUNTU-CVE-2015-8741

The dissectppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to cause a denial of service application crash via a crafted packet...

CVE-2007-5135

Off-by-one error in the SSLgetsharedciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...

CVE-2007-3764

The Skinny channel driver chanskinny in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service crash via a certain data length value...