ROOT-OS-UBUNTU-2404-CVE-2025-71265 CVE-2025-71265 in rootio-linux - Patched by Root

Root has patched CVE-2025-71265 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2026-23011 CVE-2026-23011 in rootio-linux - Patched by Root

Root has patched CVE-2026-23011 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2026-43182 CVE-2026-43182 in rootio-linux - Patched by Root

Root has patched CVE-2026-43182 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

ROOT-OS-UBUNTU-2204-CVE-2022-50150 CVE-2022-50150 in rootio-linux - Patched by Root

Root has patched CVE-2022-50150 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

ROOT-OS-UBUNTU-2204-CVE-2024-46833 CVE-2024-46833 in rootio-linux - Patched by Root

Root has patched CVE-2024-46833 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

Exploit for Use After Free in Apple Safari

CVE-2025-43529: JavaScriptCore DFG ObjectAllocationSinkingPhas...

EUVD-2023-25582

Malicious code in bioql PyPI...

EUVD-2024-48645

Malicious code in bioql PyPI...

EUVD-2024-54216

Malicious code in bioql PyPI...

EUVD-2023-25586

Malicious code in bioql PyPI...

EUVD-2024-15868

Malicious code in bioql PyPI...

EUVD-2023-25585

Malicious code in bioql PyPI...

EUVD-2024-54217

Malicious code in bioql PyPI...

CVE-2024-7784

During internal Axis Security Development Model ASDM threat-modelling, a flaw was found in the protection for device tampering commonly known as Secure Boot in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' knowledge, there are no known exploits of the...

CVE-2024-0055

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs mediaclip.cgi and playclip.cgi was vulnerable for file globbing which could lead to a resource exhaustion attack. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis...

CVE-2024-0067

Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API ledlimit.cgi was vulnerable for path traversal attacks allowing to list folder/file names on the local file system of the Axis device. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer...

CVE-2023-21415

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlaydel.cgi is vulnerable to path traversal attacks that allows for file deletion. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has...

CVE-2023-21417

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service...

CVE-2025-43858

YoutubeDLSharp is a wrapper for the command-line video downloaders youtube-dl and yt-dlp. In versions starting from 1.0.0-beta4 and prior to 1.1.2, an unsafe conversion of arguments allows the injection of a malicious commands when starting yt-dlp from a commands prompt running on Windows OS with...

CVE-2024-47262

Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API param.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the web interface of the Axis device. Other API endpoints or services not making use of param.cgi are not...