
5832 matches found

Positive Technologies
added 2025/04/07 12:0 a.m. · 3 views

PT-2025-15448 · Rockwell Automation · Rockwell Automation Arena

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena (affected versions not specified). Description: A local code execution issue exists due to an uninitialized pointer, resulting from improper validation of user-supplied data. If exploited, a threat actor can disclose...

CVSS 8.5 · AI score 7 · EPSS 0.00249
Exploits 0 · References 7
Tenable Nessus
added 2025/04/06 12:0 a.m. · 7 views

Debian dla-4117 : atop - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4117 advisory. Debian LTS Advisory DLA-4117-1 [email protected] https://www.debian.org/lts/security/...

CVSS 2.9 · AI score 5.1 · EPSS 0.00172
Exploits 0 · References 4
Debian
added 2025/04/03 8:29 p.m. · 13 views

[SECURITY] [DSA 5892-1] atop security update

Debian Security Advisory DSA-5892-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 03, 2025 https://www.debian.org/security/faq ...

CVSS 2.9 · AI score 6.8 · EPSS 0.00172
Exploits 0
CNVD
added 2025/03/27 12:0 a.m. · 3 views

Tenda AX12 Buffer Overflow Vulnerability (CNVD-2025-07608)

Tenda AX12 is a dual-band Gigabit Wifi 6 wireless router from Tenda China. The Tenda AX12 suffers from a buffer overflow vulnerability that originates from the sub43fdcc function in /goform/SetNetControlList that fails to correctly validate the length of the input data, which can be exploited by ...

CVSS 6.5 · AI score 8.2 · EPSS 0.00727
Exploits 1 · References 1
CNVD
added 2025/03/27 12:0 a.m. · 6 views

Tenda AC7 Buffer Overflow Vulnerability (CNVD-2025-07593)

Tenda AC7 is a wireless router from Tenda, a Chinese company. The Tenda AC7 suffers from a buffer overflow vulnerability that originates from the timeZone parameter of the formfastsettingwifiset function failing to properly validate the length of the input data, which can be exploited by an...

CVSS 9.8 · AI score 8.1 · EPSS 0.00475
Exploits 1 · References 1
BDU FSTEC
added 2025/03/27 12:0 a.m. · 3 views

The vulnerability of the Golang programming language, related to improper validation of input data, allows attackers to circumvent established security restrictions.

The vulnerability of the Golang programming language is related to improper validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to circumvent established security measures...

CVSS 6.4 · AI score 6.4 · EPSS 0.00439
Exploits 0 · References 6 · Affected Software 5
CNVD
added 2025/03/27 12:0 a.m. · 5 views

AC8 Buffer Overflow Vulnerability (CNVD-2025-07594) in Shenzhen Jixiang Tengda Technology Co.

Shenzhen Jixiang Tengda Technology Co., Ltd AC8 is a wireless router. Shenzhen Jixiang Tengda Technology Co., Ltd AC8 has a buffer overflow vulnerability that stems from the sub47D878 function's src parameter failing to correctly validate the length of the input data; an attacker...

CVSS 6.5 · AI score 7.1 · EPSS 0.00306
Exploits 1 · References 1
BDU FSTEC
added 2025/03/25 12:0 a.m. · 3 views

The vulnerability of the ingress controller in the Kubernetes cluster ingress-nginx, related to insufficient validation of incoming data, allows a hacker to execute arbitrary code.

The vulnerability of the ingress controller in the Kubernetes cluster ingress-nginx is related to insufficient validation of incoming data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 9 · AI score 7.1 · EPSS 0.99348
Exploits 21 · References 6 · Affected Software 2
BDU FSTEC
added 2025/03/17 12:0 a.m. · 3 views

The vulnerability of the gitRepo function in the Kubernetes cluster management software allows an attacker to influence the confidentiality and integrity of the protected information.

The vulnerability of the gitRepo function in the Kubernetes cluster management software is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to influence the confidentiality and integrity of the protected information...

CVSS 8.5 · AI score 6 · EPSS 0.00516
Exploits 0 · References 5
RedhatCVE
added 2025/03/15 5:5 p.m. · 16 views

CVE-2024-12858

Delta Electronics CNCSoft-G2 Version 2.1.0.16 and prior lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in...

AI score 7.2
Exploits 0 · References 5
BDU FSTEC
added 2025/03/14 12:0 a.m. · 3 views

The vulnerability of Microsoft Surface sensor display microprogramming software, related to insufficient validation of input data, allows a hacker to bypass security functions.

The vulnerability of Microsoft Surface sensor display software is related to insufficient testing of input data. Exploiting this vulnerability could allow a remote attacker to bypass security measures...

CVSS 7.1 · AI score 7.7 · EPSS 0.00823
Exploits 0 · References 2
CNVD
added 2025/03/13 12:0 a.m. · 8 views

Tenda TX3 setNetControllist function buffer overflow vulnerability

Tenda TX3 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda TX3 16.03.13.11multi, which originates when the parameter list of goform /setNetControllist fails to correctly validate the length of the input data, and can be exploited by an attacker t...

CVSS 7.5 · AI score 8 · EPSS 0.01098
Exploits 1 · References 1
CNVD
added 2025/03/13 12:0 a.m. · 7 views

Tenda tx3 Buffer Overflow Vulnerability

The Tenda tx3 is a wireless router from the Chinese company Tenda. The Tenda tx3 suffers from a buffer overflow vulnerability that originates from the parameter list of goform/setpptpuserlist failing to properly validate the length size of the input data, which can be exploited by an attacker to...

CVSS 7.5 · AI score 7.2 · EPSS 0.00664
Exploits 1 · References 1
BDU FSTEC
added 2025/03/13 12:0 a.m. · 3 views

The vulnerability of the System Management Mode (SMM) mode of AMD microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the System Management Mode SMM mode of AMD microprogramming processor software is related to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVSS 7.5 · AI score 5.8 · EPSS 0.00176
Exploits 0 · References 5 · Affected Software 1
Wordfence Blog
added 2025/03/10 4:8 p.m. · 14 views

WordPress Security Research Series: WordPress Security Architecture

Welcome to Part 2 of the WordPress Security Research Beginner Series! If you haven’t had a chance, please review the series introduction blog post for more details on the goal of this series and what to expect as well as Part 1, which covers WordPress Request Architecture and Hooks. In WordPress...

AI score 7.7
Exploits 0
Tenable Nessus
added 2025/03/06 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-7977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a...

CVSS 7.8 · AI score 8 · EPSS 0.00342
Exploits 0 · References 2
Tenable Nessus
added 2025/03/06 12:0 a.m. · 8 views

Linux Distros Unpatched Vulnerability : CVE-2025-0443

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI...

CVSS 8.8 · AI score 8.1 · EPSS 0.00445
Exploits 1 · References 2
Tenable Nessus
added 2025/03/06 12:0 a.m. · 7 views

Linux Distros Unpatched Vulnerability : CVE-2024-9963

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in Downloads in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestur...

CVSS 4.3 · AI score 6.2 · EPSS 0.00268
Exploits 0 · References 2
Tenable Nessus
added 2025/03/06 12:0 a.m. · 11 views

Linux Distros Unpatched Vulnerability : CVE-2024-8907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific ...

CVSS 6.1 · AI score 8.3 · EPSS 0.00262
Exploits 0 · References 2
Tenable Nessus
added 2025/03/06 12:0 a.m. · 16 views

Linux Distros Unpatched Vulnerability : CVE-2025-21787

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - team: better TEAMOPTIONTYPESTRING validation syzbot reported following splat 1 Make sure user-provided data contains one nul byte. 1 BUG: KMSAN: uninit-value i...

CVSS 5.5 · AI score 6.8 · EPSS 0.00224
Exploits 0 · References 3