EUVD-2025-9059

Malicious code in bioql PyPI...

EUVD-2025-9058

Malicious code in bioql PyPI...

CVE-2021-38289

An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and other unspecified impacts. NOTE: As of April 2026, the vendor has officially...

CVE-2025-3008

A vulnerability classified as critical has been found in Novastar CX40 up to 2.44.0. Affected is the function system/popen of the file /usr/nova/bin/netconfig of the component NetFilter Utility. The manipulation leads to command injection. The exploit has been disclosed to the public and may be...

CVE-2025-3007

A vulnerability was found in Novastar CX40 up to 2.44.0. It has been rated as critical. This issue affects the function getopt of the file /usr/nova/bin/netconfig of the component NetFilter Utility. The manipulation of the argument cmd/netmask/pipeout/nettask leads to stack-based buffer overflow...

CVE-2025-3008

A vulnerability classified as critical has been found in Novastar CX40 up to 2.44.0. Affected is the function system/popen of the file /usr/nova/bin/netconfig of the component NetFilter Utility. The manipulation leads to command injection. The exploit has been disclosed to the public and may be...

CVE-2025-3007

A vulnerability was found in Novastar CX40 up to 2.44.0. It has been rated as critical. This issue affects the function getopt of the file /usr/nova/bin/netconfig of the component NetFilter Utility. The manipulation of the argument cmd/netmask/pipeout/nettask leads to stack-based buffer overflow...

CVE-2025-3008 Novastar CX40 NetFilter Utility netconfig popen command injection

A vulnerability classified as critical has been found in Novastar CX40 up to 2.44.0. Affected is the function system/popen of the file /usr/nova/bin/netconfig of the component NetFilter Utility. The manipulation leads to command injection. The exploit has been disclosed to the public and may be...

CVE-2025-3008 Novastar CX40 NetFilter Utility netconfig popen command injection

A vulnerability classified as critical has been found in Novastar CX40 up to 2.44.0. Affected is the function system/popen of the file /usr/nova/bin/netconfig of the component NetFilter Utility. The manipulation leads to command injection. The exploit has been disclosed to the public and may be...

CVE-2025-3008

CVE-2025-3008 affects Novastar CX40 (up to 2.44.0). The NetFilter Utility’s NetFilter component uses system/popen in /usr/nova/bin/netconfig, enabling command injection. The description notes the exploit has been disclosed publicly and the vendor did not respond. CVSS data from multiple sources a...

CVE-2025-3007 Novastar CX40 NetFilter Utility netconfig getopt stack-based overflow

A vulnerability was found in Novastar CX40 up to 2.44.0. It has been rated as critical. This issue affects the function getopt of the file /usr/nova/bin/netconfig of the component NetFilter Utility. The manipulation of the argument cmd/netmask/pipeout/nettask leads to stack-based buffer overflow...

CVE-2025-3007 Novastar CX40 NetFilter Utility netconfig getopt stack-based overflow

A vulnerability was found in Novastar CX40 up to 2.44.0. It has been rated as critical. This issue affects the function getopt of the file /usr/nova/bin/netconfig of the component NetFilter Utility. The manipulation of the argument cmd/netmask/pipeout/nettask leads to stack-based buffer overflow...

CVE-2025-3007

CVE-2025-3007 affects Novastar CX40 (up to 2.44.0) in the NetFilter Utility, specifically the /usr/nova/bin/netconfig getopt function. The underlying issue is a stack-based buffer overflow caused by manipulation of arguments (cmd, netmask, pipeout, nettask). The advisory notes that the exploit ha...

Novastar CX40 安全漏洞

Novastar CX40 is a 4K LED display controller from Novastar. A security vulnerability exists in Novastar CX40 version 2.44.0 and earlier, which originates from a command injection in the NetFilter Utility component...

Novastar CX40 安全漏洞

Novastar CX40 is a 4K LED display controller from Novastar. A security vulnerability exists in Novastar CX40 version 2.44.0 and earlier, which originates from a stack buffer overflow in the NetFilter Utility component...

service.novastar.tech Cross Site Scripting vulnerability OBB-3859481

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2021-38289

An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and other unspecified impacts. NOTE: As of April 2026, the vendor has officially...

Privilege escalation

An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and other unspecified impacts...

CVE-2021-38289

CVE-2021-38289 affects Novastar-VNNOX-iCare Novaicare 7.16.0. The issue enables privilege escalation, allowing an attacker to view corporate information and SMTP server details, delete users, and view roles, among other impacts. Root cause and exact exploit path are not detailed in the provided d...

CVE-2021-38289

An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and other unspecified impacts. NOTE: As of April 2026, the vendor has officially...