115 matches found
CVE-2026-58520
URL redirection to untrusted site 'open redirect' vulnerability in The Wikimedia Foundation Mediawiki - UrlShortener Extension allows Cross-Site Flashing. This issue affects Mediawiki - UrlShortener Extension: from before 1.43.9, 1.44.6, 1.45.4...
EUVD-2026-41099
URL redirection to untrusted site 'open redirect' vulnerability in The Wikimedia Foundation Mediawiki - UrlShortener Extension allows Cross-Site Flashing. This issue affects Mediawiki - UrlShortener Extension: from before 1.43.9, 1.44.6, 1.45.4...
CVE-2026-58520
CVE-2026-58520 affects the Wikimedia Foundation Mediawiki UrlShortener Extension. The issue is an open redirect: URL redirection to an untrusted site in the UrlShortener extension, impacting versions from before 1.43.9, 1.44.6, and 1.45.4. The connected documents provide the vulnerability descrip...
CVE-2025-15645
Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the resethandler parameter during firmware flashing. An attacker can provide a crafted resethandler address pointing to invalid memory or...
PT-2026-42020
Name of the Vulnerable Software and Affected Versions Ledger Nano X affected versions not specified Ledger Flex affected versions not specified Ledger Stax affected versions not specified Description A denial of service issue exists in the MCU firmware update process. The flaw is caused by missin...
CVE-2026-30332
A Time-of-Check to Time-of-Use TOCTOU race condition vulnerability in Balena Etcher for Windows prior to v2.1.4 allows attackers to escalate privileges and execute arbitrary code via replacing a legitimate script with a crafted payload during the flashing process...
EUVD-2026-18350
A Time-of-Check to Time-of-Use TOCTOU race condition vulnerability in Balena Etcher for Windows prior to v2.1.4 allows attackers to escalate privileges and execute arbitrary code via replacing a legitimate script with a crafted payload during the flashing process...
CVE-2026-30332
A Time-of-Check to Time-of-Use TOCTOU race condition vulnerability in Balena Etcher for Windows prior to v2.1.4 allows attackers to escalate privileges and execute arbitrary code via replacing a legitimate script with a crafted payload during the flashing process...
PT-2026-29795
A Time-of-Check to Time-of-Use TOCTOU race condition vulnerability in Balena Etcher for Windows prior to v2.1.4 allows attackers to escalate privileges and execute arbitrary code via replacing a legitimate script with a crafted payload during the flashing process...
CVE-2026-30332
A Time-of-Check to Time-of-Use TOCTOU race condition vulnerability in Balena Etcher for Windows prior to v2.1.4 allows attackers to escalate privileges and execute arbitrary code via replacing a legitimate script with a crafted payload during the flashing process...
CVE-2026-30332
A Time-of-Check to Time-of-Use TOCTOU race condition vulnerability in Balena Etcher for Windows prior to v2.1.4 allows attackers to escalate privileges and execute arbitrary code via replacing a legitimate script with a crafted payload during the flashing process...
CVE-2026-30332
A Time-of-Check to Time-of-Use TOCTOU race condition vulnerability in Balena Etcher for Windows prior to v2.1.4 allows attackers to escalate privileges and execute arbitrary code via replacing a legitimate script with a crafted payload during the flashing process...
CVE-2026-30332
Balena Etcher for Windows versions before 2.1.4 is vulnerable to a TOCTOU race during flashing. An attacker can replace a temporary .cmd file created in a user-writable temp directory with a crafted payload, which is then executed with elevated privileges via Windows UAC, allowing privilege escal...
CVE-2026-0715
CVE-2026-0715 affects Moxa Arm-based industrial computers running Moxa Industrial Linux Secure. A device-unique bootloader password provided on the device can enable an attacker with physical access to reach the bootloader menu via a serial interface. The bootloader still enforces digital signatu...
CVE-2025-1269
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in HAVELSAN Liman MYS allows Cross-Site Flashing. This issue affects Liman MYS: before 2.1.1 - 1010...
PT-2025-50537
Name of the Vulnerable Software and Affected Versions Meatmeet basestation devices with ESP32 system on a chip affected versions not specified Description The ESP32 system on a chip used in Meatmeet basestation devices lacks Secure Boot functionality. Secure Boot verifies the authenticity of...
Meatmeet Pro BBQ Thermometer 安全漏洞
Meatmeet Pro BBQ Thermometer is an advanced smart thermometer from Meatmeet. A security vulnerability exists in the Meatmeet Pro BBQ Thermometer that stems from an undisabled JTAG debugging interface, which could lead to malicious firmware flashing and unauthorized network access...
EUVD-2017-2664
Malware in sbrugna...
EUVD-2018-15620
Malware in sbrugna...
EUVD-2017-18614
Malware in sbrugna...