CVE-2026-31256

A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931n. During the processing of a SETUP request for the path rtsp://:554/stream1/track2, the device fails to properly validate the Transport header field. When this header is...

CVE-2026-32839

Edimax GS-5008PL firmware 1.00.54 and earlier is impacted by a cross-site request forgery (CSRF) vulnerability. The issue stems from lack of anti-CSRF tokens and insufficient request validation, enabling remote attackers to coerce logged-in administrators into performing actions via malicious pag...

CVE-2025-14105

A vulnerability was determined in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. This impacts an unknown function of the file /reqproc/procpost of the component Web Interface. Executing manipulation of the argument goformId with the input REBOOTDEVICE can lead to denial of service. The attack can...

CVE-2025-40939

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected device contains a USB port which allows unauthenticated connections. This could allow an attacker with physical access to the device to trigger reboot that could cause denial of service condition...

CVE-2025-14105 TOZED ZLT M30S/ZLT M30S PRO Web proc_post denial of service

A vulnerability was determined in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. This impacts an unknown function of the file /reqproc/procpost of the component Web Interface. Executing manipulation of the argument goformId with the input REBOOTDEVICE can lead to denial of service. The attack can...

CVE-2025-14105

TOZED ZLT M30S and ZLT M30S PRO (firmware 1.47/3.09.06) Web Interface vulnerability in /reqproc/proc_post allows manipulation of the goformId argument with input REBOOT_DEVICE to trigger a denial of service. Impact is limited to the local network; exploit publicly disclosed. Vendor has not respon...

CVE-2025-14105 TOZED ZLT M30S/ZLT M30S PRO Web proc_post denial of service

A vulnerability was determined in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. This impacts an unknown function of the file /reqproc/procpost of the component Web Interface. Executing manipulation of the argument goformId with the input REBOOTDEVICE can lead to denial of service. The attack can...

EUVD-2019-10601

Malware in sbrugna...

EUVD-2021-31233

Malicious code in bioql PyPI...

CVE-2024-51983

An unauthenticated attacker who can connect to the Web Services feature HTTP TCP port 80 can issue a WS-Scan SOAP request containing an unexpected JobToken value which will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the...

CVE-2024-51982

An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language PJL command that will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device. A malformed PJL variable FORMLINES is set to a non...

COROS PACE 3 安全漏洞

COROS PACE 3 is a GPS sports watch from COROS China. A security vulnerability exists in COROS PACE 3 3.0808.0 and prior versions, which originates from a null pointer dereference and may cause the device to reboot...

CVE-2022-20435

There is a Unauthorized service in the system service, may cause the system reboot. Since the component does not have permission check and permission protection, resulting in EoP problem.Product: AndroidVersions: Android SoCAndroid ID: A-242248367...

CVE-2020-27279

A NULL pointer deference vulnerability has been identified in the protocol converter. An attacker could send a specially crafted packet that could reboot the device running Crimson 3.1 Build versions prior to 3119.001...

CVE-2019-20045

The Synergy Systems & Solutions PLC & RTU system has a vulnerability in HUSKY RTU 6049-E70 firmware versions 5.0 and prior. Specially crafted malicious packets could cause disconnection of active authentic connections or reboot of device. This is a different issue than CVE-2019-16879 and...

CVE-2025-2863

Cross-site request forgery CSRF vulnerability in the web application of saTECH BCU firmware version 2.1.3, which could allow an unauthenticated local attacker to exploit active administrator sessions and perform malicious actions. The malicious actions that can be executed by the attacker depend ...

Cisco Identity Services Engine Authorization Bypass Vulnerability (CNVD-2025-03530)

Cisco Identity Services Engine is an environment-aware platform from the U.S. company Cisco Cisco. The Cisco Identity Services Engine API has an authorization bypass vulnerability that can be exploited by a remote attacker to submit a special request that can obtain sensitive information, modify...

CVE-2021-40415

An incorrect default permission vulnerability exists in the cgiserver.cgi cgicheckability functionality of reolink RLC-410W v3.0.0.13620121102. In cgicheckability the Format API does not have a specific case, the user permission will default to 7. This will give non-administrative users the...

Cisco ISE 授权问题漏洞

Cisco Identity Services Engine is an environment-aware platform from the U.S. company Cisco Cisco. The Cisco Identity Services Engine API has an authorization bypass vulnerability that can be exploited by a remote attacker to submit a special request that can obtain sensitive information, modify...

CVE-2024-5849

An unauthenticated remote attacker may use a reflected XSS vulnerability to obtain information from a user or reboot the affected device once...