43 matches found
EUVD-2024-46104
Malicious code in bioql PyPI...
Microsoft Patch Tuesday for August 2025 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for August 2025, which includes 111 vulnerabilities affecting a range of products, including 13 that Microsoft marked as "critical". In this month's release, Microsoft observed none of the included vulnerabilities being actively exploited in the...
CVE-2025-7913
A vulnerability, which was classified as critical, was found in TOTOLINK T6 4.1.5cu.748B20211015. Affected is the function updateWifiInfo of the component MQTT Service. The manipulation of the argument serverIp leads to buffer overflow. It is possible to launch the attack remotely. The exploit ha...
CVE-2024-52060
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in RTI Connext Professional Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service allows Buffer Overflow via Environment Variables. This issue affects Connext...
CVE-2024-52061
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in RTI Connext Professional Core Libraries, Queuing Service, Recording Service, Routing Service allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before...
CVE-2024-52061 Potential stack buffer overflow when parsing an XML type
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in RTI Connext Professional Core Libraries, Queuing Service, Recording Service, Routing Service allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before...
CVE-2024-52057
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RTI Connext Professional Queuing Service allows SQL Injection. This issue affects Connext Professional: from 7.0.0 before 7.3.0, from 6.1.0 before 6.1.2.17, from 6.0.0 before 6.0., from 5.2.0 before...
CVE-2024-52057 Potential arbitrary SQL query execution in Queuing Service while parsing malicious remote commands or configuration files
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RTI Connext Professional Queuing Service allows SQL Injection. This issue affects Connext Professional: from 7.0.0 before 7.3.0, from 6.1.0 before 6.1.2.17, from 6.0.0 before 6.0., from 5.2.0 before...
CVE-2024-52057
RTI Connext Professional (Queuing Service) is affected by CVE-2024-52057 due to improper neutralization of special elements used in SQL commands, enabling SQL injection. Affected versions are: 5.2.0–5.3.* (update to after 5.3.); 6.0.0–6.0. (update to after 6.0.*); 6.1.0–6.1.2.17 (update to after ...
PT-2024-35111 · Real Time Innovations · RTI Connext Professional
Name of the Vulnerable Software and Affected Versions: RTI Connext Professional versions 5.3.0 through 5.3.1.45 RTI Connext Professional versions 6.0.0 through 6.0. RTI Connext Professional versions 6.1.0 through 6.1.2.21 RTI Connext Professional versions 7.0.0 through 7.3.0.5 Description: The...
PT-2024-35107 · Real Time Innovations · RTI Connext Professional
Name of the Vulnerable Software and Affected Versions: RTI Connext Professional versions 5.2.0 through 5.3. RTI Connext Professional versions 6.0.0 through 6.0. RTI Connext Professional versions 6.1.0 through 6.1.2.17 RTI Connext Professional versions 7.0.0 through 7.3.0 Description: The issue is...
PT-2024-35112 · Real Time Innovations · RTI Connext Professional
Name of the Vulnerable Software and Affected Versions: RTI Connext Professional versions 5.0.0 through 5.3.1.45 RTI Connext Professional versions 6.0.0 through 6.0.1.40 RTI Connext Professional versions 6.1.0 through 6.1.2.21 RTI Connext Professional versions 7.0.0 through 7.3.0.5 RTI Connext...
PT-2024-21114 · Real Time Innovations · RTI Connext Professional
Name of the Vulnerable Software and Affected Versions: RTI Connext Professional versions 5.3.1 through 6.1.0 Description: A buffer overflow in XML parsing from Routing Service, Recording Service, Queuing Service, and Cloud Discovery Service allows attackers to execute code with the affected...
Mitsubishi Electric Electrical discharge machines
1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: Electrical discharge machines Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could...
CVE-2023-31222
Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a healthcare delivery organization’s Paceart Optima system cardiac device causing data to be deleted, stolen, or...
Deserialization of untrusted data
Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a healthcare delivery organization’s Paceart Optima system cardiac device causing data to be deleted, stolen, or...
Medtronic Paceart Optima Code Issue Vulnerability
Medtronic Paceart Optima is a comprehensive workflow solution from Medtronic, Inc. to efficiently compile and manage patient cardiac device data. A security vulnerability exists in Medtronic Paceart Optima version 1.11 and prior versions that originates from a data deserialization issue in...
IBM WebSphere MQ 7.0.0.x / 8.0.0.x Password Handling Remote Access Vulnerability
According to its self-reported version, the IBM WebSphere MQ server installed on the remote Windows host is 7.0.0.x or 8.0.0.x without patch APAR PM52049 (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(108485); script_version("1.5"); script_cvs_date("Date: 2019/11/08");...