CVE-2025-14300

The HTTPS service on Tapo C200 V3 exposes a connectAP interface without proper authentication. An unauthenticated attacker on the same local network segment can exploit this to modify the device’s Wi-Fi configuration, resulting in loss of connectivity and denial-of-service DoS...

EUVD-2015-5491

Malware in sbrugna...

EUVD-2001-0597

Malware in sbrugna...

EUVD-2024-25100

Malicious code in bioql PyPI...

EUVD-2024-54699

Malicious code in bioql PyPI...

EUVD-2024-25099

Malicious code in bioql PyPI...

CVE-2024-51977

An unauthenticated attacker who can access either the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP service TCP port 631, can leak several pieces of sensitive information from a vulnerable device. The URI path /etc/mntinfo.csv can be accessed via a GET request and no...

CVE-2024-51979

An authenticated attacker may trigger a stack based buffer overflow by performing a malformed request to either the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP service TCP port 631. The malformed request will contain an empty Origin header value and a malformed Referer...

CVE-2024-51977

An unauthenticated attacker who can access either the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP service TCP port 631, can leak several pieces of sensitive information from a vulnerable device. The URI path /etc/mntinfo.csv can be accessed via a GET request and no...

CVE-2024-51979

CVE-2024-51979 describes a stack-based buffer overflow triggered by authenticated requests to HTTP/HTTPS/IPP services (ports 80/443/631) on multiple multifunction printer platforms. The exploit is via malformed Origin and Referer headers, with the Referer host value exceeding 64 bytes. Connected ...

CVE-2024-51979 Authenticated stack based buffer overflow affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, and Konica Minolta, Inc.

An authenticated attacker may trigger a stack based buffer overflow by performing a malformed request to either the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP service TCP port 631. The malformed request will contain an empty Origin header value and a malformed Referer...

EUVD-2024-54705

An unauthenticated attacker who can access either the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP service TCP port 631, can leak several pieces of sensitive information from a vulnerable device. The URI path /etc/mntinfo.csv can be accessed via a GET request and no...

PT-2025-26812 · Hewlett Packard · Hp Ipp

Name of the Vulnerable Software and Affected Versions: HP IPP versions affected versions not specified Description: An authenticated attacker can trigger a stack-based buffer overflow by sending a malformed request to the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP servic...

CVE-2024-27909

A denial of service vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in a system reboot...

CVE-2024-27908

A buffer overflow vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in denial of service...

CVE-2024-27909

A denial of service vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in a system reboot...

CVE-2024-27908

A buffer overflow vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in denial of service...

PT-2024-22124 · Lenovo · Lenovo Printers

Name of the Vulnerable Software and Affected Versions: Lenovo Printers affected versions not specified Description: A buffer overflow vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in denial of service. Recommendations: At the moment, there is no...

Airspan AirSpot pingDiagnostic command injection

Added: 09/27/2022 Background Airspan AirSpot 5410 is an advanced, LTE, CAT12, outdoor, multi-service product specifically designed to meet data needs for residential, business and enterprise users. Problem A command injection vulnerability when diagnostics.cgi handles the pingDiagnostic command...

Airspan AirSpot pingDiagnostic command injection

Added: 09/27/2022 Background Airspan AirSpot 5410 is an advanced, LTE, CAT12, outdoor, multi-service product specifically designed to meet data needs for residential, business and enterprise users. Problem A command injection vulnerability when diagnostics.cgi handles the pingDiagnostic command...