17 matches found
Eclipse ThreadX NetX Duo 缓冲区错误漏洞
Eclipse ThreadX NetX Duo is an IPv4 and IPv6 dual network stack for Eclipse ThreadX open source. A buffer error vulnerability exists in Eclipse ThreadX NetX Duo versions prior to 6.4.4, which stems from a potential out-of-bounds read issue in the nxicmpv6validateoptions function when processing...
Eclipse ThreadX NetX Duo 安全漏洞
Eclipse ThreadX NetX Duo is an IPv4 and IPv6 dual network stack for Eclipse ThreadX open source. A security vulnerability exists in Eclipse ThreadX NetX Duo versions prior to 6.4.4, which stems from incorrect boundary checking of an Eclipse Foundation ThreadX component, which could lead to...
EUVD-2023-35054
Malicious code in bioql PyPI...
EUVD-2023-24378
Malicious code in bioql PyPI...
EUVD-2025-8416
Malicious code in bioql PyPI...
EUVD-2025-16045
Malicious code in bioql PyPI...
EUVD-2023-24302
Malicious code in bioql PyPI...
CVE-2025-20258
A vulnerability in the self-service portal of Cisco Duo could allow an unauthenticated, remote attacker to inject arbitrary commands into emails that are sent by the service. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting...
CVE-2025-20258
A vulnerability in the self-service portal of Cisco Duo could allow an unauthenticated, remote attacker to inject arbitrary commands into emails that are sent by the service. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting...
PT-2025-22397 · Cisco · Cisco Duo
Name of the Vulnerable Software and Affected Versions: Cisco Duo affected versions not specified Description: A vulnerability in the self-service portal could allow an unauthenticated, remote attacker to inject arbitrary commands into emails sent by the service. This issue is due to insufficient...
CVE-2025-2259
In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length in one packet smaller than the data request size of the...
CVE-2025-2867
An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A specifically crafted issue could manipulate AI-assisted development features to potentially expose sensitive project data to unauthorized...
CVE-2025-2867 Improper Control of Generation of Code ('Code Injection') in GitLab
An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A specifically crafted issue could manipulate AI-assisted development features to potentially expose sensitive project data to unauthorized...
Cisco Duo Security Vulnerability
Cisco Duo is a fully managed solution from Cisco, Inc. providing secure access to your applications and data. A security vulnerability exists in Cisco Duo that stems from a flaw in the logging component that could allow an authenticated, local attacker to view sensitive information in plaintext o...
CVE-2023-30690
Improper input validation vulnerability in Duo prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities...
SAMSUNG Mobile devices Input Validation Error Vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Oct-2023 Release 1 version, which stems from an incorrect input validation vulnerability ...
PT-2023-2213 · Cisco · Cisco Duo
Name of the Vulnerable Software and Affected Versions: Cisco Duo versions affected versions not specified Description: The issue is related to a vulnerability in the offline access mode of Cisco Duo Two-Factor Authentication, which could allow an unauthenticated, physical attacker to replay valid...