2330 matches found
CVE-2025-52663
A vulnerability was identified in certain UniFi Talk devices where internal debugging functionality remained unintentionally enabled. This issue could allow an attacker with access to the UniFi Talk management network to invoke internal debug operations through the device API. Affected Products:...
CVE-2025-52663
A vulnerability was identified in certain UniFi Talk devices where internal debugging functionality remained unintentionally enabled. This issue could allow an attacker with access to the UniFi Talk management network to invoke internal debug operations through the device API. Affected Products:...
CVE-2025-52663
Affects UniFi Talk devices: UniFi Talk Touch <= 1.21.16, UniFi Talk Touch Max <= 2.21.22, and UniFi Talk G3 Phones = 1.21.17, UniFi Talk Touch Max >= 2.21.23, and UniFi Talk G3 Phones >= 3.21.27. If newer advisories exist, follow their guidance; otherwise these are the stated fixes.
PT-2025-44561
Name of the Vulnerable Software and Affected Versions UniFi Talk Touch versions 1.21.16 and earlier UniFi Talk Touch Max versions 2.21.22 and earlier UniFi Talk G3 Phones versions 3.21.26 and earlier Description An issue was identified in certain UniFi Talk devices where internal debugging...
Arista DANZ Monitoring Fabric 安全漏洞
Arista DANZ Monitoring Fabric is a traffic monitoring, security, and performance analytics platform from Arista USA. A security vulnerability exists in Arista DANZ Monitoring Fabric that originates from a restricted user being able to view sensitive portions of the configuration database via the...
CVE-2025-61106
A flaw was found in frr. When the OSPF daemon ospfd is configured with the debug command "debug ospf packet all send/recv detail", it attempts to print detailed information about OSPF packets. However, a specially crafted OSPF packet can trigger a NULL pointer dereference in the...
CVE-2025-61104
A flaw was found in frr. When the OSPF daemon ospfd is configured with the debug command "debug ospf packet all send/recv detail", it attempts to print detailed information about OSPF packets. However, a specially crafted OSPF packet can trigger a NULL pointer dereference in the showvtyunknowntlv...
CVE-2025-61101
A NULL pointer dereference vulnerability was found in FRRouting within the showvtyextlinkrmtitfaddr function within ospfext.c. When the OSPF daemon ospfd is configured with the debug command debug ospf packet all send/recv detail, it attempts to display detailed information of OSPF packets...
EUVD-2022-54544
In the Linux kernel, the following vulnerability has been resolved: erspan: do not assume transport header is always set Rewrite tests in ip6erspantunnelxmit and erspanfbxmit to not assume transport header is set. syzbot reported: WARNING: CPU: 0 PID: 1350 at include/linux/skbuff.h:2911...
ROS-20251023-02
Vulnerability of ip6makeskb function of net/ipv6/ip6output.c module of Linux kernel IPv6 protocol implementation is related to the use of uninitialized resource. of Linux operating system is related to the use of an uninitialized resource. Exploitation the vulnerability could allow an attacker to...
curl: Use of Deprecated strcpy() with User-Controlled Environment Variable in Memory Debug Initialization
Discovery Method Step 1: Initial Security Scan Find all files using dangerous string functions find src/ -name ".c" -exec grep -l "strcpy|strcat|sprintf|gets" ; OUTPUT: src/toolprogress.c src/toolmain.c Step 2: Locate Vulnerable Code in Main.c Find exact strcpy usage in toolmain.c grep -n...
Malicious code in debug-mj (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9f60289f1a0f9296cf8aa9ed744c256c0963a95dc751ff52a708d2676d14825a Any computer that has this package installed or running should be considered...
CVE-2025-10645
The WP Reset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.05 via the WFLicensing::log method when debugging is enabled default. This makes it possible for unauthenticated attackers to extract sensitive license key and site data...
Google's New AI Doesn't Just Find Vulnerabilities — It Rewrites Code to Patch Them
Google's DeepMind division on Monday announced an artificial intelligence AI-powered agent called CodeMender that automatically detects, patches, and rewrites vulnerable code to prevent future exploits. The efforts add to the company's ongoing efforts to improve AI-powered vulnerability discovery...
EUVD-2025-32702
The WP Reset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.05 via the WFLicensing::log method when debugging is enabled default. This makes it possible for unauthenticated attackers to extract sensitive license key and site data...
CVE-2025-10645
The WP Reset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.05 via the WFLicensing::log method when debugging is enabled default. This makes it possible for unauthenticated attackers to extract sensitive license key and site data...
CVE-2025-10645 WP Reset <= 2.05 - Unauthenticated Sensitive Information Exposure via wf-licensing.log
The WP Reset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.05 via the WFLicensing::log method when debugging is enabled default. This makes it possible for unauthenticated attackers to extract sensitive license key and site data...
EUVD-2002-0848
Malware in sbrugna...
EUVD-2005-3254
Malware in sbrugna...
EUVD-2017-9951
Malware in sbrugna...