Proxmark3 4.21611 Custom Firmware

This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware. This release is nicknamed "BREAKMEIFYOUCAN!"...

PT-2026-25912

@securityweekly @anton chuvakin Good research. But about CVE-2026-32290 – GL-iNet Comet KVM insufficient verification of firmware authenticity… isn’t it the whole point of these devices that you could just run your own firmware opensource on it also? Like openwrt...

SuperMicro MBD-X13SEM-F security vulnerabilities

The SuperMicro MBD-X13SEM-F is a server motherboard produced by the American company SuperMicro. The MBD-X13SEM-F contains a security vulnerability, which stems from issues with the BMC firmware verification logic. This vulnerability could allow attackers to use customized image updates to update...

CVE-2020-24034

Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecure deserialization that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sessid, nonce, and ha1 values inside of the serialized session cookie, an attacker may...

CVE-2025-65885

An issue was discovered in the Delight Custom Firmware CFW for Nokia Symbian Belle devices on Nokia 808 Delight v1.8, Nokia N8 Delight v6.7, Nokia E7 Delight v1.3, Nokia C7 Delight v6.7, Nokia 700 Delight v1.2, Nokia 701 Delight v1.1, Nokia 603 Delight v1.0, Nokia 500 Delight v1.2, Nokia E6 Delig...

PT-2025-53590

Name of the Vulnerable Software and Affected Versions Delight Custom Firmware versions 1.0 through 1.8 Description A flaw exists in Delight Custom Firmware for Nokia Symbian Belle devices that allows local attackers to inject startup scripts. This is achieved by placing crafted .txt files into th...

Delight Custom Firmware 安全漏洞

Delight Custom Firmware is an unofficial custom firmware from Delight open source. A security vulnerability exists in Delight Custom Firmware, which originated from allowing the injection of boot scripts via a specially crafted .txt file, affecting several Nokia Symbian Belle devices...

Emoncms 安全漏洞

Emoncms is an open source web application from Emoncms Open Source. The program is primarily used to process, record and display energy, temperature and other environmental data. A security vulnerability exists in Emoncms version 11.7.3, which stems from insufficient input validation of the...

CVE-2025-60938

Emoncms 11.7.3 has a remote code execution vulnerability in the firmware upload feature that allows authenticated users to execute arbitrary commands on the target system. The vulnerability stems from insufficient input validation of user-controlled parameters including filename, port, baudrate,...

CVE-2025-60938

CVE-2025-60938 affects Emoncms 11.7.3. The issue is a remote code execution in the firmware upload feature, arising from insufficient input validation of user-controlled parameters (filename, port, baud_rate, core, autoreset) in the /admin/upload-custom-firmware endpoint. When authenticated, an a...

CVE-2025-60938

Emoncms 11.7.3 has a remote code execution vulnerability in the firmware upload feature that allows authenticated users to execute arbitrary commands on the target system. The vulnerability stems from insufficient input validation of user-controlled parameters including filename, port, baudrate,...

CVE-2025-37147

CVE-2025-37147 describes a Secure Boot Bypass affecting ArubaOS Aruba Access Points, allowing bypass of the hardware root of trust verification and enabling execution of modified or custom firmware. The vulnerability is supported by multiple sources in the Connected documents, which identify the ...

CVE-2025-37147 Secure Boot Bypass allows for Compromise of Hardware Root of Trust

A Secure Boot Bypass Vulnerability exists in affected Access Points that allows an adversary to bypass the hardware root of trust verification in place to ensure only vendor-signed firmware can execute on the device. An adversary can exploit this vulnerability to run modified or custom firmware o...

PT-2025-41991

Name of the Vulnerable Software and Affected Versions Aruba Access Points affected versions not specified Description A security flaw allows an attacker to bypass the hardware root of trust verification, enabling the execution of modified or custom firmware on affected devices. This bypass impact...

EUVD-2019-14763

Malware in sbrugna...

EUVD-2023-30068

Malicious code in bioql PyPI...

EUVD-2023-30071

Malicious code in bioql PyPI...

EUVD-2023-30070

Malicious code in bioql PyPI...

CVE-2023-26243

An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The decryption binary used to decrypt firmware files has an information leak that allows an attacker to read the AES key and initialization vector from memory. An attacker may exploit this to...

CVE-2019-13394

The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses HTTP Basic Authentication over cleartext HTTP...