CVE-2025-29338

NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the modpara parameter in the woalinitmoduleparam function...

CVE-2026-24439 Tenda W30E V2 Lacks X-Content-Type-Options Header

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.195037 fail to include the X-Content-Type-Options: nosniff response header on web management interfaces. As a result, browsers that perform MIME sniffing may incorrectly interpret attacker-influenced responses as executable...

CVE-2025-63218

The Axel Technology WOLF1MS and WOLF2MS devices firmware versions 0.8.5 to 1.0.3 are vulnerable to Broken Access Control due to missing authentication on the /cgi-bin/gstFcgi.fcgi endpoint. Unauthenticated remote attackers can list user accounts, create new administrative users, delete users, and...

IBM PowerVM Hypervisor 安全漏洞

IBM PowerVM Hypervisor is an application from International Business Machines IBM, Inc. Providing a secure and scalable virtualized environment, these applications are built on the advanced RAS features and leading performance of the Power Systems platform. A security vulnerability exists in IBM...

CVE-2025-47421 Privilege escalation via SCP login

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in CRESTRON TOUCHSCREENS x70 allows Argument Injection.This issue affects TOUCHSCREENS x70: from 3.001.0031.001 through 3.001.0034.001. A specially crafted SCP command sent via SSH login string can lead...

PT-2024-13339 · Ibm · Ibm Powervm Hypervisor

Name of the Vulnerable Software and Affected Versions: IBM PowerVM Hypervisor versions FW950.00 through FW950.90 IBM PowerVM Hypervisor versions FW1020.00 through FW1020.40 IBM PowerVM Hypervisor versions FW1030.00 through FW1030.30 Description: The issue allows a system administrator to obtain...

PT-2022-22135 · Ibm · Ibm Power

Name of the Vulnerable Software and Affected Versions: IBM Power versions FW950 through FW1010 Description: The issue arises after a sequence of maintenance operations on Power FW950 and FW1010, leading to an improper configuration of a SRIOV network adapter. This results in the desired VEPA...

CVE-2019-14423

A Remote Code Execution RCE issue in the addon CUx-Daemon 1.11a of the eQ-3 Homematic CCU-Firmware 2.35.16 until 2.45.6 allows remote authenticated attackers to execute system commands as root remotely via a simple HTTP request...

CVE-2018-10730

All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to OS command injection...

Intel® 2G Modem firmware buffer overflow vulnerability

Intel® XMM71xx, Intel® XMM72xx, and Intel® XMM73xx are modem firmware products from Intel Corporation USA. A buffer overflow vulnerability exists in the Intel® XMM71xx, XMM72xx, XMM73xx, XMM74xx, and Sofia 3G/R, which use ETWS for modems, allowing remote attackers to potentially execute arbitrary...

CSL DualCom GPRS CS2300-R SPT is vulnerable.

The CSL DualCom GPRS CS2300-R SPT is an alarm signaling board from CSL DualCom, UK, which provides a communication link between the burglar alarm and the monitoring center, allowing signals to be sent to the monitoring center when the alarm goes off, via the mobile network, ordinary phone lines o...