76 matches found
PT-2025-54225
Name of the Vulnerable Software and Affected Versions: Temporal versions through 1.29.1 Description: When the system.enableCrossNamespaceCommands setting is enabled, the Temporal server allows specific workflow task commands—including StartChildWorkflowExecution, SignalExternalWorkflowExecution, an...
rsync: Path traversal vulnerability in rsync
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...
CVE-2025-36753
The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extract secrets or domains from within the device...
Lexmark Printers 7PK - Security Features (CVE-2019-10059)
The legacy finger service TCP port 79 is enabled by default on various older Lexmark devices. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
NeuVector telemetry sender is vulnerable to MITM and DoS
Impact: This vulnerability affects NeuVector deployments only when the "Report anonymous cluster data" option is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server at https://upgrades.neuvector-upgrade-responder.livestock.rancher.io. In affected...
CVE-2025-58778
Multiple versions of RG-EST300 provided by Ruijie Networks provide SSH server functionality. It is not documented in the manual, and enabled in the initial configuration. Anyone with the knowledge of the related credentials can log in to the affected device, leading to information disclosure,...
EUVD-2025-34713
Multiple versions of RG-EST300 provided by Ruijie Networks provide SSH server functionality. It is not documented in the manual, and enabled in the initial configuration. Anyone with the knowledge of the related credentials can log in to the affected device, leading to information disclosure,...
Ruijie RG-EST300 Security Vulnerability
The Ruijie RG-EST300 is a wireless bridge device from Ruijie, China. A security vulnerability exists in the Ruijie RG-EST300 that stems from the SSH server feature not being documented in the manual and enabled in the initial configuration, which could lead to information disclosure, system...
CVE-2025-59146
New API is a large language model (LLM) gateway and artificial intelligence (AI) asset management system. An authenticated Server-Side Request Forgery (SSRF) vulnerability exists in versions prior to 0.9.0.5. A feature within the application allows authenticated users to submit a URL for the server to...
EUVD-2019-3515
Malware in sbrugna...
EUVD-2023-12406
Malicious code in bioql PyPI...
In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments.
...
Linux Distros Unpatched Vulnerability : CVE-2025-32022
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts o...
CVE-2025-43982
Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices enable the SSH service by default. There is a hidden hard-coded root account that cannot be disabled in the GUI...
CVE-2025-43986
An issue was discovered on KuWFi GC111 GC111-GL-LM321 V3.0 20191211 devices. The TELNET service is enabled by default and exposed over the WAN interface without authentication...
KuWFi GC111 Security Vulnerability
KuWFi GC111 is a WiFi router from KuWFi, China. A security vulnerability exists in KuWFi GC111 GC111-GL-LM321 V3.0 20191211, which stems from the TELNET service being enabled by default and unauthenticated...
PT-2025-33071 · Unknown · Kuwfi Gc111-Gl-Lm321 V3.0 20191211 +1
Name of the Vulnerable Software and Affected Versions: KuWFi GC111 GC111-GL-LM321 V3.0 20191211 Description: The TELNET service is enabled by default and exposed over the WAN interface without authentication. Recommendations: Disable the TELNET service to prevent unauthorized access...
CVE-2023-23451
The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number =2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number =2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number =2311xxxx all...
Siemens VersiCharge AC Series Security Vulnerability
The VersiCharge AC Series Electric Vehicle Charger is an electric vehicle charging device from Siemens for a variety of application scenarios, including workplaces, retail, parking lots, multi-unit housing, public charging and home charging. An arbitrary code execution vulnerability exists in the...