SUSE CVE-2026-34714

Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %expr injection occurs with tabpanel lacking PMLE...

EUVD-2026-17160

Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %expr injection occurs with tabpanel lacking PMLE...

ThreadFuzzer: Fuzzing Framework for Thread Protocol

With the rapid growth of IoT, secure and efficient mesh networking has become essential. Thread has emerged as a key protocol, widely used in smart-home and commercial systems, and serving as a core transport layer in the Matter standard. This paper presents ThreadFuzzer, the first dedicated...

Malicious code in mle (npm)

The package mle was found to contain malicious code...

MAL-2025-26525 Malicious code in mle (npm)

The package mle was found to contain malicious code...

CVE-2024-13667

The Uncode theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mle-description’ parameter in all versions up to, and including, 2.9.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level acces...

CVE-2024-13667 Uncode <= 2.9.1.6 - Authenticated (Subscriber+) Stored Cross-Site Scripting via mle-description

The Uncode theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mle-description’ parameter in all versions up to, and including, 2.9.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level acces...

MAL-2024-1108 Malicious code in mle-py-connector (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 91bb80bd9d7444d113ce05b2d2abac925c10e36a23ae955fd9ebd682cd046bd1 The OpenSSF Package Analysis project identified 'mle-py-connector' @ 5.9.1 pypi as malicious. It is considered malicious because: - The package...

Malicious code in mle-py-connector (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 91bb80bd9d7444d113ce05b2d2abac925c10e36a23ae955fd9ebd682cd046bd1 The OpenSSF Package Analysis project identified 'mle-py-connector' @ 5.9.1 pypi as malicious. It is considered malicious because: - The package...

OSV-2020-721 Stack-buffer-overflow in ot::NetworkData::NetworkData::GetNextOnMeshPrefix

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13334 Crash type: Stack-buffer-overflow WRITE Crash state: ot::NetworkData::NetworkData::GetNextOnMeshPrefix ot::Dhcp6::Dhcp6Client::UpdateAddresses ot::Mle::Mle::HandleStateChanged...

OSV-2020-690 UNKNOWN READ in ot::Coap::CoapBase::RemoveResource

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13369 Crash type: UNKNOWN READ Crash state: ot::Coap::CoapBase::RemoveResource ot::MeshCoP::BorderAgent::Stop ot::Mle::Mle::SetStateDetached...

OSV-2020-496 Stack-buffer-overflow in ot::Mle::Mle::HandleParentResponse

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15382 Crash type: Stack-buffer-overflow READ Crash state: ot::Mle::Mle::HandleParentResponse ot::Mle::Mle::HandleUdpReceive ot::Ip6::Udp::HandleMessage...

OSV-2020-369 UNKNOWN READ in ot::TimerScheduler::Remove

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13383 Crash type: UNKNOWN READ Crash state: ot::TimerScheduler::Remove ot::Mle::Mle::Stop otThreadSetEnabled...

OSV-2020-258 Stack-buffer-overflow in ot::Message::Write

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19338 Crash type: Stack-buffer-overflow READ 11 Crash state: ot::Message::Write ot::Message::Append ot::Mle::Mle::AppendResponse...

Page code execution vulnerability in MLECMS backend s***_uc***r.php

MLECMS is a multilingual, free and open source content management system. A page code execution vulnerability exists in the MLECMS backend sucr.php. An attacker can exploit the vulnerability to write a webshell to a user-accessible php page to gain server control privileges...

openthread/radio-receive-done-fuzzer: Stack-buffer-overflow in ot::Mle::RouteTlv::GetRouteCost

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5295064105353216 Project: openthread Fuzzer: aflopenthreadradio-receive-done-fuzzer Fuzz target binary: radio-receive-done-fuzzer Job Type: aflasanopenthread Platform Id: linux Crash Type:...

MLE-Moodle 0.8.8.4 <= Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: MLE-Moodle 0.8.8.4 = Local File Inclusion Vulnerability Date: 19/12/2012 Author: GoLdM Libyan Page FaceBook http://www.facebook.com/pages/وَذَكِّـــرْ/337878286310383 Version: 2.3.0 Category:: Local File Disclosure Vulnerability...

CVE-2009-4419

Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the SINIT Authenticated Code Module ACM, which allows local users to bypass the Trusted Execution Technology protection mechanism and gain privileges by modifying the MCHBAR register to point to an attacker-controlled region, which...

CVE-2009-4419

Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the SINIT Authenticated Code Module ACM, which allows local users to bypass the Trusted Execution Technology protection mechanism and gain privileges by modifying the MCHBAR register to point to an attacker-controlled region, which...