42 matches found
Malicious code in @autofleet/rabbit (npm)
Source: amazon-inspector (a766d89a5ed19491bd107e5d31c79fbbe7a9be9bce2a957b290408fb9f54140c). The package's compiled entry dist/index.js:48 defines let host = process.env.RABBITMQSERVICEHOST || '35.240.13.28' and then connects via...
MillieRCE
MillieRCE Millie is an advanced browser-based remote code exec...
CVE-2026-7546
A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279B20210910. The impacted element is the function findhostip of the component lighttpd. Such manipulation of the argument Host leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been...
PT-2026-36293
Name of the Vulnerable Software and Affected Versions Totolink NR1800X version 9.1.0u.6279 B20210910 Description A stack-based buffer overflow exists in the lighttpd component. This issue occurs when the find host ip function improperly handles the Host argument, allowing a remote attacker to...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986837)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986837 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress If during...
EUVD-2024-32850
Malicious code in bioql PyPI...
EUVD-2025-15968
Malicious code in bioql PyPI...
EUVD-2025-15973
Malicious code in bioql PyPI...
CVE-2025-44890
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the hostip parameter in the websnmpnotifyv3addpost function...
PLANET FW-WGS-804HPT Security Vulnerability
PLANET FW-WGS-804HPT is a wall-mounted managed switch from PLANET China. A security vulnerability exists in PLANET FW-WGS-804HPT v1.305b241111, which originates from a stack overflow in the hostip parameter of the websnmpv3hostaddpost function...
CVE-2025-44891
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the hostip parameter in the websnmpv3hostaddpost function...
PT-2025-22303 · Unknown · Fw-Wgs-804Hpt
Name of the Vulnerable Software and Affected Versions: FW-WGS-804HPT version 1.305b241111 Description: A stack overflow issue was discovered via the host ip parameter in the web snmp v3host add post function. Recommendations: For FW-WGS-804HPT version 1.305b241111, consider restricting access to...
D-Link DI-8100 Security Vulnerability
The D-Link DI-8100 is a wireless broadband router designed for small to medium-sized network environments from China's D-Link. A buffer overflow vulnerability exists in the D-Link DI-8100 version 16.07.26A1, which originates from the hostip parameter in the ipsecroadasp function failing to proper...
CVE-2025-28395
D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsecroadasp function via the hostip parameter...
UBUNTU-CVE-2023-52974
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress If during iscsiswtcpsessioncreate iscsitcpr2tpoolalloc fails, userspace could be accessing the host's ipaddress attr. If we then free the session via...
Linux kernel Resource Management Error Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel, which stems from a possible use-after-free in the scsi iscsitcp component when accessing the host ipaddres...
CVE-2024-52755
D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the hostip parameter in the ipsecroadasp function...
D-Link DI-8003 Security Vulnerability
The D-LINK DI-8003 is a router product manufactured by D-LINK. A buffer overflow vulnerability exists in the D-LINK DI-8003 product. The vulnerability stems from a buffer overflow issue in the hostip parameter of the ipsecroadasp function. No detailed vulnerability details are available at this...
CVE-2024-4300
E-WEBInformationCo. FS-EZViewerWeb exposes sensitive information in the service. A remote attacker can obtain the database configuration file path through the webpage source code without login. Accessing this path allows an attacker to obtain the database credential with the highest privilege and...