CVE-2025-2348 IROAD Dash Cam FX2 HTTP/RTSP event information disclosure

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been classified as problematic. Affected is an unknown function of the file /mnt/extsd/event/ of the component HTTP/RTSP. The manipulation leads to information disclosure. The attack needs to be initiated within the local...

CVE-2025-2347

CVE-2025-2347 affects IROAD Dash Cam FX2 (up to 20250308). The vulnerability is in the device registration processing and is triggered by manipulating the Password argument (input: qwertyuiop), which enables use of the default password. The attack requires local-network access, and the exploit ha...

DEBIAN-CVE-2025-2295

EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service...

CVE-2025-26645

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

CVE-2024-12546

...

CVE-2024-12546

...

CVE-2025-2121

A vulnerability classified as critical has been found in Thinkware Car Dashcam F800 Pro up to 20250226. Affected is an unknown function of the component File Storage. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been...

CVE-2025-2121 Thinkware Car Dashcam F800 Pro File Storage access control

A vulnerability classified as critical has been found in Thinkware Car Dashcam F800 Pro up to 20250226. Affected is an unknown function of the component File Storage. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been...

CVE-2025-2121 Thinkware Car Dashcam F800 Pro File Storage access control

A vulnerability classified as critical has been found in Thinkware Car Dashcam F800 Pro up to 20250226. Affected is an unknown function of the component File Storage. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been...

Linux Distros Unpatched Vulnerability : CVE-2025-1006

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Network in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted web app...

Linux Distros Unpatched Vulnerability : CVE-2024-1077

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Network in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a malicious file. Chromi...

Linux Distros Unpatched Vulnerability : CVE-2022-36765

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDK2 is susceptible to a vulnerability in the CreateHob function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successf...

CVE-2024-10405

CVE-2024-10405 affects Brocade SANnav prior to 2.3.1b. The issue enables weak TLS ciphers on ports 443 and 18082, allowing a networked attacker to read the SANnav data stream containing monitored Fabric OS switches performance data, port status, zoning information, WWNs, and IP addresses. The des...

FreeBSD : MariaDB -- DoS vulnerability in InnoDB (7bcfca95-e563-11ef-873e-8447094a420f)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7bcfca95-e563-11ef-873e-8447094a420f advisory. MariaDB reports: Easily exploitable vulnerability allows high privileged attacker with network access v...

CVE-2025-1081

CVE-2025-1081 affects Bharti Airtel Xstream Fiber (up to 20250123) and its WiFi Password Handler. The issue enables use of weak credentials via local-network access, with attack complexity rated as HIGH and affected confidentiality as PARTIAL. Multiple sources note the exploit has been disclosed ...

CVE-2022-21567

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Worklist. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Workflow. Successful attacks of...

CVE-2022-21292

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Samples. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Serve...

CVE-2020-14598

Vulnerability in the Oracle CRM Gateway for Mobile Devices product of Oracle E-Business Suite component: Setup of Mobile Applications. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromis...

CVE-2020-14850

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Flex Fields. Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2020-14690

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Actions. Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with...