CVE-2025-10225
CVE-2025-10225 affects AxxonSoft Axxon One (C-Werk) 2.0.6 and earlier on Windows, in the OpenSSL-based session module. The issue is an improper restriction of operations within a memory buffer (CWE-119) that can trigger memory reallocation errors when handling expired session keys under high load...
Linux Distros Unpatched Vulnerability : CVE-2017-8401
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function pngload in lib/png.c:724. This issue can be triggered by a malformed PNG file th...
PT-2025-37044
Name of the Vulnerable Software and Affected Versions: AxxonSoft Axxon One versions 2.0.6 and earlier. Description: A flaw exists in the OpenSSL-based session module that, under high load conditions, can lead to application crashes or unpredictable behavior. This is due to memory reallocation erro...
Linux Distros Unpatched Vulnerability : CVE-2017-16794
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The pngload function in lib/png.c in SWFTools 0.9.2 does not properly validate a multiplication of width and bits-per-pixel values, which allows remote attacker...
Linux Distros Unpatched Vulnerability : CVE-2022-35080
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via pngload at /lib/png.c. CVE-2022-35080 Note that Nessus relies on the presence of t...
Linux Distros Unpatched Vulnerability : CVE-2022-24685
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse endpoint, which may cause excessive CPU usage. Fixed in...
Linux Distros Unpatched Vulnerability : CVE-2025-6714
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured...
Deserialization of Untrusted Data
Overview: monai is an AI Toolkit for Healthcare Imaging. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the load function in the bundle/scripts.py file, which uses torch.load with weights_only=True parameter. An attacker can execute arbitrary commands by...
CVE-2025-40802
A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions. The affected device may be susceptible to resource exhaustion when subjected to high volumes of query requests. This could allow an attacker to cause a temporary denial of service, with the system recovering onc...
PT-2025-36685
Name of the Vulnerable Software and Affected Versions: RUGGEDCOM RST2428P 6GK6242-6PA00, affected versions not specified. Description: A vulnerability exists that may cause resource exhaustion when subjected to high volumes of query requests. This could allow an attacker to cause a temporary denial...
UTT 1200GW Security Vulnerability
The UTT 1200GW is an enterprise-grade wireless router from Atech Technology UTT designed to meet the networking needs of small to medium-sized businesses or large space office environments. The UTT 1200GW suffers from a buffer overflow vulnerability that originates from the sub4B48F8 function in...
CVE-2025-57816
CVE-2025-57816 concerns the Fides Webserver API rate limiting. The issue arises in deployments that rely on the built‑in IP‑based rate limiter in proxied environments (CDNs, proxies, load balancers): limits are applied to the immediate connection IP rather than the client IP, and counters are sto...
CVE-2025-22441
In getContextForResourcesEnsuringCorrectCachedApkPaths of RemoteViews.java, there is a possible way to load arbitrary java code in a privileged context due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...
Exploit for Observable Discrepancy in Intel Atom_C
This is a tool for checking the state of software mitigations against Spectre and Meltdown vulnerabilities. It uses the NtQuerySystemInformation API call to report the data as seen by the Windows Kernel. The tool is currently optimized for Microsoft Windows 7-10 and uses the best-working exploit...
MaraDNS
MaraDNS is an open-source DNS server. It is a small, lightweight, and highly customizable DNS server that can be used as an authoritative or recursive nameserver. MaraDNS is written in C and is designed to be easy to configure and use. The repository contains a variety of files, including a READM...
Linux Distros Unpatched Vulnerability : CVE-2025-30162
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gateway API for Ingress for some services an...
SUSE CVE-2025-55305
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions below 35.7.5, 36.0.0-alpha.1 through 36.8.0, 37.0.0-alpha.1 through 37.3.1 and 38.0.0-alpha.1 through 38.0.0-beta.6, ASAR Integrity Bypass via resource modification. This only impac...
DEBIAN-CVE-2025-39715
In the Linux kernel, the following vulnerability has been resolved: parisc: Revise gateway LWS calls to probe user read access We use load and stbys,e instructions to trigger memory reference interruptions without writing to memory. Because of the way read access support is implemented, read acce...
Linux Distros Unpatched Vulnerability : CVE-2024-9622
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the resteasy-netty4 library arising from improper handling of HTTP requests using smuggling techniques. When an HTTP smuggling...
CVE-2025-55305 Electron is vulnerable to Code Injection via resource modification
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions below 35.7.5, 36.0.0-alpha.1 through 36.8.0, 37.0.0-alpha.1 through 37.3.1 and 38.0.0-alpha.1 through 38.0.0-beta.6, ASAR Integrity Bypass via resource modification. This only impac...