EUVD-2025-25795

Malicious code in bioql PyPI...

EUVD-2025-25800

Malicious code in bioql PyPI...

CVE-2025-25733

CVE-2025-25733 concerns an improper access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 and RIS-9260 Roadside Units (RSUs). Affected versions are 3.2.0.829.23, 3.8.0.1119.42, and 4.6.0.1211.28. The root cause is improper SPI Flash Chip access control, enabling physically proximate ...

CVE-2025-25735

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack SPI Protected Range Registers PRRs, allowing attackers with software running on the system to modify SPI flash in real-time...

CVE-2025-25737

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack secure password requirements for its BIOS Supervisor and User accounts, allowing attackers to bypass authentication via a bruteforce attack...

CVE-2025-25734

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 was discovered to contain an unauthenticated EFI shell which allows attackers to execute arbitrary code or escalate privileges during the boot process...

CVE-2025-25732

The CVE-2025-25732 entry concerns Kapsch TrafficCom RIS-9160 and RIS-9260 Roadside Units (RSUs) with software versions 3.2.0.829.23, 3.8.0.1119.42, and 4.6.0.1211.28. The vulnerability stems from improper access control in the EEPROM component, allowing an attacker to replace password hashes stor...