24 matches found
CVE-2026-21265
Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them to maintain Secure Boot functionality and avoid compromising security by losing security fixes...
EUVD-2020-20049
Malware in sbrugna...
EUVD-2016-10179
Malware in sbrugna...
EUVD-2023-35506
Malicious code in bioql PyPI...
EUVD-2024-43158
Malicious code in bioql PyPI...
EUVD-2022-49689
Malicious code in bioql PyPI...
EUVD-2025-23699
Malicious code in bioql PyPI...
EUVD-2022-49240
Malicious code in bioql PyPI...
CVE-2025-8645
The CVE-2025-8645 issue affects Kenwood DMX958XR firmware update handling. The root cause is insufficient validation of a user-supplied string before invoking a system call during the firmware update process, enabling a physically present attacker to execute arbitrary code with root privileges. P...
CVE-2025-8645 Kenwood DMX958XR Firmware Update Command Injection Vulnerability
Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...
CVE-2025-8630 Kenwood DMX958XR Firmware Update Command Injection Vulnerability
Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...
PT-2025-32044 · Kenwood · Kenwood Dmx958Xr
Name of the Vulnerable Software and Affected Versions: Kenwood DMX958XR affected versions not specified Description: This issue allows physically present attackers to execute arbitrary code on affected Kenwood DMX958XR devices without authentication. The flaw resides in the firmware update proces...
PT-2025-32049 · Kenwood · Kenwood Dmx958Xr
Name of the Vulnerable Software and Affected Versions: Kenwood DMX958XR affected versions not specified Description: This issue allows attackers with physical access to execute arbitrary code on affected Kenwood DMX958XR devices. The flaw resides in the firmware update process due to insufficient...
PT-2025-32038 · Kenwood · Kenwood Dmx958Xr
Name of the Vulnerable Software and Affected Versions: Kenwood DMX958XR affected versions not specified Description: This issue allows physically present attackers to execute arbitrary code on affected installations. Authentication is not required for exploitation. The flaw resides in the firmwar...
CVE-2022-30316
Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The...
CVE-2022-46914
An issue in the firmware update process of TP-LINK TL-WA801N / TL-WA801ND V1 v3.12.16 and earlier allows attackers to execute arbitrary code or cause a Denial of Service DoS via uploading a crafted firmware image...
CVE-2022-46422
An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a Denial of Service DoS via uploading a crafted firmware image during the firmware update process...
CVE-2022-46435
An issue in the firmware update process of TP-Link TL-WR941ND V2/V3 up to 3.13.9 and TL-WR941ND V4 up to 3.12.8 allows attackers to execute arbitrary code or cause a Denial of Service DoS via uploading a crafted firmware image...
CVE-2019-14707
An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The firmware update process is insecure, leading to remote code execution. The attacker can provide arbitrary firmware in a .dat file via a webparam?system=set URI...
PT-2025-5827 · Honeywell · Honeywell Onewireless Wireless Device Manager
Name of the Vulnerable Software and Affected Versions: Honeywell OneWireless Wireless Device Manager WDM versions R310.x through R330.1 Description: The issue concerns a command injection vulnerability. An authenticated attacker could potentially exploit this vulnerability through the firmware...