CVE-2025-12357

By manipulating the Signal Level Attenuation Characterization SLAC protocol with spoofed measurements, an attacker can stage a man-in-the-middle attack between an electric vehicle and chargers that comply with the ISO 15118-2 part. This vulnerability may be exploitable wirelessly, within close...

PT-2025-44639

Name of the Vulnerable Software and Affected Versions ISO 15118-2 compliant EV charging systems affected versions not specified Description A flaw exists in the Signal Level Attenuation Characterization SLAC protocol used in electric vehicle EV charging systems that adhere to the ISO 15118-2...

EUVD-2025-34261

A path traversal in StarNet Communications Corporation FastX v.4 through v4.1.51 allows unauthenticated attackers to read arbitrary files...

Oberon microsystem AG ocrypto library 安全漏洞

Oberon microsystem AG ocrypto library is a cryptographic software library from the Swiss company Oberon. A security vulnerability exists in Oberon microsystem AG ocrypto library versions prior to 1.0.0 through 1.5.1, which stems from a padding predicate attack on the AES-CBC PKCS7 decryption...

CVE-2025-50383

alextselegidis Easy!Appointments v1.5.1 was discovered to contain a SQL injection vulnerability via the orderby parameter...

Linux Distros Unpatched Vulnerability : CVE-2020-8116

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to...

CoreWCF Security Vulnerabilities

CoreWCF is an open source project of the CoreWCF project that aims to provide an alternative implementation of WCF Windows Communication Foundation for .NET Core and .NET 5+. A security vulnerability exists in CoreWCF versions 1.4.1 and 1.5.1, which stems from the fact that a service based on...

CVE-2022-28708

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2 and 15.1.x versions prior to 15.1.5.1, when a BIG-IP DNS resolver-enabled, HTTP-Explicit or SOCKS profile is configured on a virtual server, an undisclosed DNS response can cause the Traffic Management Microkernel TMM process to terminate. Note:...

A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1 < 14.15.1 and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1 14.15.1 and 12.19.1.

...

OpenJPEG Remote Heap Buffer Overflow Vulnerability

OpenJPEG is a C-based open source JPEG 2000 codec . A remote heap buffer overflow vulnerability exists in OpenJPEG versions 1.3 and 1.5.1. An attacker could exploit this vulnerability to execute arbitrary code in the context of a user-run application, which could also result in a denial of servic...