MiracleLinux 8 : wget-1.19.5-12.el8_10 (AXSA:2024-8669:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8669:01 advisory. wget: Misinterpretation of input may lead to improper behavior CVE-2024-38428 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : wget-1.21.1-8.el9_4 (AXSA:2024-8748:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8748:02 advisory. wget: Misinterpretation of input may lead to improper behavior CVE-2024-38428 Tenable has extracted the preceding description block directly from the...

EUVD-2025-28668

Malicious code in bioql PyPI...

EUVD-2022-6900

Malicious code in bioql PyPI...

EUVD-2023-0696

Malicious code in bioql PyPI...

Security Bulletin: Multiple vulnerabilities in IBM Aspera HTTP Gateway

Summary Multiple vulnerabilities were addressed in IBM Aspera HTTP Gateway version 2.3.2. Vulnerability Details CVEID:CVE-2025-36274 DESCRIPTION: IBM Aspera HTTP Gateway stores sensitive information in clear text in easily obtainable files which can be read by an unauthenticated user. CWE:CWE-312...

Misinterpretation of Input

Overview Affected versions of this package are vulnerable to Misinterpretation of Input in the Optimizer component. A privileged attacker can cause the application to become unresponsive or crash by submitting specially crafted data. Remediation Upgrade libmysqlclient to version 8.1.0 or higher...

Misinterpretation of Input

Overview Affected versions of this package are vulnerable to Misinterpretation of Input in the InnoDB component. A privileged attacker can cause the application to become unresponsive or crash repeatedly by sending specially crafted requests. Remediation A fix was pushed into the master branch bu...

CVE-2025-5826

Autel MaxiCharger AC Wallbox Commercial bleprocessesp32msg Misinterpretation of Input Vulnerability. This vulnerability allows network-adjacent attackers to inject arbitrary AT commands on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not...

CVE-2025-5826

Autel MaxiCharger AC Wallbox Commercial bleprocessesp32msg Misinterpretation of Input Vulnerability. This vulnerability allows network-adjacent attackers to inject arbitrary AT commands on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not...

CVE-2025-5826

Autel MaxiCharger AC Wallbox Commercial bleprocessesp32msg Misinterpretation of Input Vulnerability. This vulnerability allows network-adjacent attackers to inject arbitrary AT commands on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not...

CVE-2025-5826 Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Misinterpretation of Input Vulnerability

Autel MaxiCharger AC Wallbox Commercial bleprocessesp32msg Misinterpretation of Input Vulnerability. This vulnerability allows network-adjacent attackers to inject arbitrary AT commands on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not...

CVE-2025-5826

CVE-2025-5826 concerns Autel MaxiCharger AC Wallbox Commercial. The flaw is in the ble_process_esp32_msg function, arising from misinterpretation of input data. It allows network-adjacent attackers to inject arbitrary AT commands in the device context without authentication. Documented impact is ...

Autel MaxiCharger AC Wallbox Commercial 安全漏洞

Autel MaxiCharger AC Wallbox Commercial is a smart AI electric car charger from Autel USA. The Autel MaxiCharger AC Wallbox Commercial suffers from a command execution vulnerability that stems from a bleprocessesp32msg function input misinterpretation, which can be exploited by an attacker to cau...

(Pwn2Own) Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Misinterpretation of Input Vulnerability

This vulnerability allows network-adjacent attackers to inject arbitrary AT commands on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the bleprocessesp32msg functio...

CVE-2025-5747

WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installatons of WOLFBOX Level 2 EV Charger devices. Authentication is required to exploit this...

CVE-2025-5747 WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability

WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installatons of WOLFBOX Level 2 EV Charger devices. Authentication is required to exploit this...

(0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installatons of WOLFBOX Level 2 EV Charger devices. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of command frames received by the MCU. When parsing...

CVE-2022-48471

There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of this vulnerability may cause the printer service to be abnormal...

CVE-2022-48473

There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of this vulnerability may cause the printer service to be abnormal...