61 matches found
CVE-2026-42542 TDengine has an integer underflow in uvConnMayGetUserInfo() allows unauthenticated remote crash (DoS)
TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the taosd server process by sending a single crafted RPC packet. No credentials or prior session state are required. Version...
CVE-2026-42542 TDengine has an integer underflow in uvConnMayGetUserInfo() allows unauthenticated remote crash (DoS)
TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the taosd server process by sending a single crafted RPC packet. No credentials or prior session state are required. Version...
PT-2026-48533
šØ CVE-2026-42542 TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the taosd server process by sending a single crafted RPC packet. No credentials or prior session state are...
CVE-2026-7480
An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism. Refer to the 'Security Update for ASUS System Control...
CVE-2026-7480
An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism. Refer to the 'Security Update for ASUS System Control...
Microsoft Windows Buffer Overflow Vulnerability
Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow during path canonicalization...
EUVD-2015-2434
Malware in sbrugna...
EUVD-2023-52915
Malicious code in bioql PyPI...
CVE-2023-48886
A deserialization vulnerability in NettyRpc v1.2 allows attackers to execute arbitrary commands via sending a crafted RPC request...
CVE-2023-48887
A deserialization vulnerability in Jupiter v1.3.1 allows attackers to execute arbitrary commands via sending a crafted RPC request...
CVE-2019-3975
Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.1 allows a remote, unauthenticated attacker to execute arbitrary code via a crafted IOCTL 70603 RPC message...
CVE-2025-32402
An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet...
BIT-ODOO-2021-23176
Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...
BIT-ODOO-2021-44465
Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier allows authenticated attackers to subscribe to receive future notifications and comments related to arbitrary business records in the system, via crafted RPC requests...
CVE-2023-48886
A deserialization vulnerability in NettyRpc v1.2 allows attackers to execute arbitrary commands via sending a crafted RPC request...
CVE-2023-48887
A deserialization vulnerability in Jupiter v1.3.1 allows attackers to execute arbitrary commands via sending a crafted RPC request...
CVE-2023-48886
A deserialization vulnerability in NettyRpc v1.2 allows attackers to execute arbitrary commands via sending a crafted RPC request...
Deserialization of untrusted data
A deserialization vulnerability in NettyRpc v1.2 allows attackers to execute arbitrary commands via sending a crafted RPC request...
CVE-2023-48887
A deserialization vulnerability in Jupiter v1.3.1 allows attackers to execute arbitrary commands via sending a crafted RPC request...
CVE-2021-23176
Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...