74 matches found
EUVD-2025-8264
Malicious code in bioql PyPI...
CVE-2020-11121
Possible buffer overflow in WIFI hal process due to usage of memcpy without checking length of destination buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X,...
CVE-2024-11317
Session Fixation vulnerabilities allow an attacker to fix a user's session identifier before login, providing an opportunity for session takeover on a product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-4106
A vulnerability has been found in FAST/TOOLS and CI Server. The affected products have built-in accounts with no passwords set. Therefore, if the product is operated without a password set by default, an attacker can break into the affected product. The affected products and versions are as...
CentOS 8 : libssh (CESA-2024:0628)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:0628 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks...
Intel® NUC Advisory
Summary: Potential security vulnerabilities in some Intel® NUC BIOS firmware may allow escalation of privilege, information disclosure or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-42429 Description:...
Intel® Server Board and Server System Firmware Advisory
Summary: Potential security vulnerabilities in some Intel® Server Board and Server System BIOS firmware may allow escalation of privilege. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-34431 Description: Improper input...
CVE-2023-44205
Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Protect 15 Linux, Windows before build 35979...
CVE-2023-44158
Sensitive information disclosure due to insufficient token field masking. The following products are affected: Acronis Cyber Protect 15 Linux, Windows before build 35979...
JVN#42527152: "FFRI yarai" and "FFRI yarai Home and Business Edition" handle exceptional conditions improperly
"FFRI yarai" and "FFRI yarai Home and Business Edition" provided by FFRI Security, Inc. handle exceptional conditions improperly CWE-703. When the product's Windows Defender management feature is enabled, and Microsoft Defender detects some files matching specific conditions as a threat, the...
CVE-2022-45457
Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent Windows before build 29633, Acronis Cyber Protect 15 Windows before build 30984...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2023:0093-1 Rating: important References: 1210618 Cross-References: CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 Affected Products: openSUSE Backports SLE-15-SP4 An update that fixes 5...
Hitachi Energy IEC 61850 MMS-Server (Update B)
1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Hitachi Energy Equipment: IEC 61850 MMS-Server Vulnerability: Improper Resource Shutdown or Release 2. RISK EVALUATION Successful exploitation of this vulnerability could cause products using the IEC 61850 MMS-server...
JSA10570 - 2013-05 Network Management, Identity and Policy Control Security Advisories Released
Problem A new Security, Access, and Acceleration product security advisory bundle has been released. This message contains the links to all the new Pulse Secure Security Advisories that have been released today. Related Links Acknowledgements Risk Level None Risk Assessment Workaround Product...
JVN#01398015: pgAdmin 4 vulnerable to directory traversal
PostgreSQL management tool pgAdmin 4 contains a directory traversal vulnerability CWE-22. Impact A user of the product may change another user's settings or alter the database. Solution Update the Software Update the software to the latest version according to the information provided by the...
JVN#78481846: TP-Link SG105PE vulnerable to authentication bypass
TP-Link SG105PE contains an authentication bypass vulnerability CWE-287. Impact Under certain conditions, an attacker may impersonate an administrator of the product. As a result, information may be obtained and the product's settings may be altered with the privilege of the administrator. Soluti...
JVN#75437943: Aiphone Video Multi-Tenant System Entrance Stations vulnerable to information disclosure
Video Multi-Tenant System Entrance Stations provided by AIPHONE CO., LTD. contain an information disclosure vulnerability CWE-200. Impact An attacker who can obtain specific information of the product and access the product may obtain sensitive information stored in the device. Solution Use the...
JVN#36454862: Multiple vulnerabilities in Trend Micro Apex One and Trend Micro Apex One as a Service
Trend Micro Apex One and Trend Micro Apex One as a Service provided by Trend Micro Incorporated contain multiple vulnerabilities listed below. Improper validation in some components of the rollback mechanism CWE-20 - CVE-2022-40139 Version| Vector| Score ---|---|--- CVSS v3|...
Intel® Connect M Android App Advisory
Summary: A potential security vulnerability in the Intel® Connect Mobile Connect M Android application may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-44470 Description: Incorrect default...
CVE-2022-2143
The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code...