CVE-2020-36937 MEMU PLAY 3.7.0 - 'MEmusvc' Unquoted Service Path

Microvirt MEMU Play 3.7.0 contains an unquoted service path vulnerability in the MEmusvc Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with elevated LocalSystem...

CVE-2020-36937

Microvirt MEMU Play 3.7.0 contains an unquoted service path vulnerability in the MEmusvc Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with elevated LocalSystem...

Microvirt MEMU Play code issue vulnerabilities

Microvirt MEMU Play is a Windows computer Android emulator developed by Microvirt Corporation. Version 3.7.0 of Microvirt MEMU Play contains a code vulnerability; this vulnerability arises from the lack of quotation marks around service paths, which may allow for the execution of arbitrary code...

Security update for podman (important)

openSUSE security update: security update for podman ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20072-1 Rating: important References: bsc1249154 bsc1252376 Cross-References: CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 CVE-2025-9566 CVSS scores...

Google to Pay $8.25M Settlement Over Child Data Tracking in Play Store

Is your child's data safe? Google settles for $8.25M over claims it tracked kids under 13 without parental…...

CVE-2021-47854

DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target devi...

EUVD-2026-3629

DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target devi...

CVE-2021-47854 DD-WRT 45723 - UPNP Buffer Overflow

DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target devi...

CVE-2021-47854

DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target devi...

SUSE-SU-2026:20103-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files bsc1252376. - CVE-2025-9566: kube play command may overwrite host files bsc1249154...

SUSE-SU-2026:20116-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files bsc1252376. - CVE-2025-9566: kube play command may overwrite host files bsc1249154...

OPENSUSE-SU-2026:20072-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files bsc1252376. - CVE-2025-9566: kube play command may overwrite host files bsc1249154...

DD-WRT security vulnerabilities

DD-WRT is an open-source alternative firmware based on Linux, developed by DD-WRT. It is suitable for various WLAN routers and embedded systems. Version DD-WRT 45723 contains a security vulnerability, which stems from a buffer overflow in the UPNP network discovery service. This vulnerability cou...

PT-2026-3807

DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target devi...

CVE-2025-55423

A command injection vulnerability exists in the upnprelay function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passed to system without proper validation or sanitization, allowing OS command injection...

MiracleLinux 8 : gssdp-1.0.5-1.el8, gupnp-1.0.6-1.el8 (AXSA:2021-2048:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2048:01 advisory. hostapd: UPnP SUBSCRIBE misbehavior in WPS AP CVE-2020-12695 Tenable has extracted the preceding description block directly from the MiracleLinux security...

CVE-2025-63648

A NULL pointer dereference in the dacpreplyplayqueueeditmove function src/httpddacp.c of owntone-server commit b7e385f allows attackers to cause a Denial of Service DoS via sending a crafted DACP request to the server...

MiracleLinux 8 : gupnp-1.0.6-2.el8 (AXSA:2021-2196:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2196:02 advisory. gupnp: allows DNS rebinding which could result in tricking browser into triggering actions against local UPnP services CVE-2021-33516 Tenable has extracted t...

CVE-2025-57156

NULL pointer dereference in the dacpreplyplayqueueeditclear function in src/httpddacp.c in owntone-server through commit 6d604a1 newer commit after version 28.12 allows remote attackers to cause a Denial of Service crash...

MiracleLinux 7 : gupnp-1.0.2-6.el7 (AXSA:2021-1998:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1998:01 advisory. gupnp: allows DNS rebinding which could result in tricking browser into triggering actions against local UPnP services CVE-2021-33516 Tenable has extracted t...