CVE-2025-66803

Race condition in the turbo-frame element handler in Hotwired Turbo before 8.0.x causes logout operations to fail when delayed frame responses reapply session cookies after logout. This can be exploited by remote attackers via selective network delays e.g. delaying requests based on sequence or...

EUVD-2013-2612

Malware in sbrugna...

EUVD-2025-25800

Malicious code in bioql PyPI...

CVE-2025-25733

Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows physically proximate attackers to arbitrarily modify SPI flash regions, leading to a degradation of the security posture of the devi...

CVE-2025-25733

CVE-2025-25733 concerns an improper access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 and RIS-9260 Roadside Units (RSUs). Affected versions are 3.2.0.829.23, 3.8.0.1119.42, and 4.6.0.1211.28. The root cause is improper SPI Flash Chip access control, enabling physically proximate ...

CVE-2021-25409

Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device...

RHEL 6 : util-linux (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - util-linux: command injection flaw in blkid CVE-2014-9114 - Buffer overflow in text-utils/colcrt.c in...

CVE-2023-47233

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmfcfg80211detach use-after-free in the device unplugging disconnect the USB by hotplug code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to...

AZL-31942 CVE-2023-47233 affecting package kernel for versions less than 5.15.158.2-1

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmfcfg80211detach use-after-free in the device unplugging disconnect the USB by hotplug code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to...

Double free

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmfcfg80211detach use-after-free in the device unplugging disconnect the USB by hotplug code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to...

CVE-2023-47233

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmfcfg80211detach use-after-free in the device unplugging disconnect the USB by hotplug code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to...

CVE-2023-47233

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmfcfg80211detach use-after-free in the device unplugging disconnect the USB by hotplug code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to...

CVE-2023-47233

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmfcfg80211detach use-after-free in the device unplugging disconnect the USB by hotplug code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to...

Oracle Linux 5 : gnome-screensaver (ELSA-2008-0218)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2008-0218 advisory. 2.16.1-8 Resolves: 436522 - rebuild against 5.1 nss 2.16.1-7 Resolves: 436522 - dont unlock the screen when pwent lookup fails 2.16.1-6 Resolves: 245345 - Add...

Authentication flaw

The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept possibly cleartext target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point such as authentication...

SUSE CVE-2013-1929

Heap-based buffer overflow in the tg3readvpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows physically proximate attackers to cause a denial of service system crash or possibly execute arbitrary code via crafted firmware that specifies a long string in the...

CVE-2021-35954

fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows physically proximate attackers to dump the firmware, flash custom malicious firmware, and brick the device via the Serial Wire Debug SWD feature...

CVE-2022-45163

An information-disclosure vulnerability exists on select NXP devices when configured in Serial Download Protocol SDP mode: i.MX RT 1010, i.MX RT 1015, i.MX RT 1020, i.MX RT 1050, i.MX RT 1060, i.MX 6 Family, i.MX 7Dual/Solo, i.MX 7ULP, i.MX 8M Quad, i.MX 8M Mini, and Vybrid. In a device...

PT-2022-27417 · Nxp · Nxp Vybrid +10

Name of the Vulnerable Software and Affected Versions: NXP i.MX RT 1010 NXP i.MX RT 1015 NXP i.MX RT 1020 NXP i.MX RT 1050 NXP i.MX RT 1060 NXP i.MX 6 Family NXP i.MX 7Dual/Solo NXP i.MX 7ULP NXP i.MX 8M Quad NXP i.MX 8M Mini NXP Vybrid Description: An information-disclosure issue exists on selec...

Default credentials

A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate attackers to observe sensitive data. A caching issue can cause sensitive fields to sometimes stay revealed when closing and reopening a panel, which could lead to involuntarily disclosing sensitive...