11 matches found
CVE-2025-6145
A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The...
Teleport allows remote authentication bypass
Impact A full technical disclosure and open-source patch will be published after the embargo period, ending on June 30th, to allow all users to upgrade. Teleport security engineers identified a critical security vulnerability that could allow remote authentication bypass of Teleport. Teleport Clo...
CVE-2025-5622 D-Link DIR-816 wirelessApcli_5g stack-based overflow
A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this issue is the function wirelessApcli5g of the file /goform/wirelessApcli5g. The manipulation of the argument apclimode5g/apclienc5g/apclidefaultkey5g leads to stack-based buffer overflow. The attack...
CVE-2025-0346
The CVE-2025-0346 entry relates to code-projects Content Management System 1.0, affecting the /admin/publishnews.php Publish News Page. The vulnerability arises from manipulating the image parameter, leading to unrestricted upload. It is exploitable remotely and has been publicly disclosed. A ran...
CVE-2019-13689
Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform arbitrary read/write via a malicious file. Chromium security severity: Critical...
Lazarus Group Uses ManageEngine Exploit to Unlock Path for QuiteRAT
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Lazarus Group, a threat actor associated with North Korea, has been detected utilizing a recently patched critical security vulnerability in Zoho ManageEngine ServiceDesk Plus. This vulnerability was...
CVE-2022-35698
creationtimestamp| type| source ---|---|--- 2022-10-12 06:00:10+00:00| seen| https://www.cert.at/de/warnungen/2022/10/kritische-sicherheitslucke-in-magento-open-source-und-adobe-commerce-updates-verfugbar 2022-10-12 09:34:02+00:00| seen|...
Android Security Bulletin—April 2017Stay organized with collectionsSave and categorize content based on your preferences.
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security update to Nexus devices through an over-the-air OTA update. The Google device firmware images have also been released to the Google Developer...
Android Security Bulletin—May 2016Stay organized with collectionsSave and categorize content based on your preferences.
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security update to Nexus devices through an over-the-air OTA update. The Nexus firmware images have also been released to the Google Developer site...
OpenSSL latest high-risk Vulnerability, CVE-2 0 1 5-1 7 9 3 patch released-vulnerability warning-the black bar safety net
! Researchers Adam Langley/David Benjamin Google/BoringSSLrecently found a new OpenSSL critical security vulnerability. The vulnerability the vulnerability number CVE-2 0 1 5-1 7 9 3, is the certificate validation logic the process not able to properly validate new and untrusted certificates. An...
Debian DSA-466-1 : linux-kernel-2.2.10-powerpc-apus - failing function and TLB flush
Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap2 system call. Due to flushing the TLB Translation Lookaside Buffer, an address cache too early it is possible for an attacker to trigger a local...