CVE-2025-64098 FastDDS has Out-of-memory in readOctetVector via Manipulated DATA Submessage when DDS Security is enabled

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an Out-Of-Memory OOM...

CVE-2025-62600

eprosima Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to 2.6.11, 2.14.6, 3.2.4, 3.3.1, and 3.4.1, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an...

Linux Distros Unpatched Vulnerability : CVE-2025-32899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent...

SUSE CVE-2025-32899

In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP...

CVE-2025-32899

In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP...

UBUNTU-CVE-2025-32899

In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP...

CVE-2025-32899

KDE Connect (Android)

CVE-2025-32899

In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP...

EUVD-2025-201336

In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP...

CVE-2025-32899

In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP...

CVE-2025-32899

In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP...

PT-2025-49196

In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP...

CVE-2024-22054

A malformed discovery packet sent by a malicious actor with preexisting access to the network could interrupt the functionality of device management and discovery. Affected Products: UniFi Access Points UniFi Switches UniFi LTE Backup UniFi Express Only Mesh Mode, Router mode is not affected...

📄 TP-Link VN020-F3v(T) DHCP Stack Buffer Overflow

TP-Link VN020-F3vT suffers from a DHCP stack buffer overflow vulnerability. / Exploit Title: TP-Link VN020 F3vT TTV6.2.1021 - DHCP Stack Buffer Overflow Date: 10/20/2024 Exploit Author: Mohamed Maatallah Vendor Homepage: https://www.tp-link.com Version: TTV6.2.1021 VN020-F3vT Tested on: VN020-F3v...

CVE-2024-22054

A malformed discovery packet sent by a malicious actor with preexisting access to the network could interrupt the functionality of device management and discovery. Affected Products: UniFi Access Points UniFi Switches UniFi LTE Backup UniFi Express Only Mesh Mode, Router mode is not affected...

Moxa Camera VPort 06EC-2V 代码问题漏洞

Moxa Camera VPort 06EC-2V is a camera device from Moxa MOXA of Taiwan, China. A security vulnerability exists in the Moxa Camera VPort 06EC-2V. An attacker can cause a denial of service by dereferencing a NULL pointer via a fake lldp packet...

AnyDesk GUI Format String Write Exploit

The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By sending a specially crafted discovery packet, an attacker can corrupt the frontend process when it loads or refreshes. While the discovery service is always running, the GUI frontend must be started to trigger...

AnyDesk GUI Format String Write

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AnyDesk GUI Format String Write', 'Description' = %q The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By...

AnyDesk GUI Format String Write

The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By sending a specially crafted discovery packet, an attacker can corrupt the frontend process when it loads or refreshes. While the discovery service is always running, the GUI frontend must be started to trigger...

Network Time Protocol Crypto-NAK Preemptible Association Denial of Service Vulnerability

SUMMARY An off-path attacker can cause a preemptible client association to be demobilized by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled. Furthermore, if the attacker keeps sending cryp...