CVE-2025-61634

A flaw was found in MediaWiki, associated with the includes/Rest/Handler/PageHTMLHandler.Php program file, which is involved in page handling. This vulnerability could potentially be exploited by a remote attacker without requiring special privileges, but it does necessitate user interaction. Bas...

Linux Distros Unpatched Vulnerability : CVE-2022-1350

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as problematic was found in GhostPCL 9.55.0. This vulnerability affects the function chunkfreeobject of the file gsmchunk.c. The...

CVE-2019-2018

In resetPasswordInternal of DevicePolicyManagerService.java, there is a possible bypass of password reset protection due to an unusual root cause. Remote user interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9Android ID: A-110172241...

CVE-2018-9353

In ihevcdparseslicedata of ihevcdparseslice.c there is a possible heap buffer out of bound read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation...

DEBIAN-CVE-2022-1210

A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...

CVE-2022-1210

A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...

Heap overflow

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964928...

CVE-2020-0332

In libstagefright, there is a possible dead loop due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-124783982...

Design/Logic Flaw

In libstagefright, there is a possible dead loop due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-124783982...

Robot Character Analysis Reveals Trust Issues

ARCHIVED STORY Robot Character Analysis Reveals Trust Issues By Douglas McKee · August 05, 2020 Retired Marine fighter pilot and Top Gun instructor Dave Berke said “Every single thing you do in your life, every decision you make, is an OODA Loop.” OODA Loop? Observe–Orient–Decide–Act, the “OODA...

CVE-2020-5130

SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction DNS due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n and earlier...

CVE-2020-0189

In ihevcddecode of ihevcddecode.c, there is possible resource exhaustion due to an infinite loop. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139939283...

CVE-2019-9398

In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115745406...

Command Execution Vulnerability in Sweeping Robot of Shenzhen Sugikawa Robotics Co.

Shenzhen Sugawa Robotics Co., Ltd. is a high-tech enterprise focusing on the research, development, production and sales of sweeping robots. Shenzhen Sugikawa Robotics Co., Ltd. sweeping robot with command execution vulnerability, attackers can use the vulnerability to achieve interaction with th...

Insteon Hub PubNub Firmware Downgrade Vulnerability (CVE-2018-3833)

Summary An exploitable firmware downgrade vulnerability exists in Insteon Hub running firmware version 1013. The firmware upgrade functionality, triggered via PubNub, retrieves signed firmware binaries using plain HTTP requests. The device doesn't check the firmware version that is going to be...

Insteon Hub PubNub control Channel Message Handler Code Execution Vulnerabilities(CVE-2017-14452~CVE-2017-14455)

Summary Multiple exploitable buffer overflow vulnerabilities exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary...

Insteon Hub PubNub "cc" Channel Message Handler Multiple Global Overflow Code Execution Vulnerabilities(CVE-2017-16338 ~CVE-2017-16347)

Summary Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a buffer overflow on a global section overwriting arbitrary data...

Input validation

An issue was discovered in SageCRM 7.x before 7.3 SP3. The Component Manager functionality, provided by SageCRM, permits additional components to be added to the application to enhance provided functionality. This functionality allows a zip file to be uploaded, containing a valid .ecf component...

CVE-2017-5219

CVE-2017-5219 affects SageCRM 7.x prior to 7.3 SP3. The Component Manager allows uploading a zip containing a valid .ecf component file, which is extracted to the inf directory outside the webroot. A crafted zip with an empty .ecf can cause arbitrary files to be extracted, including a web shell n...

CVE-2017-5219

An issue was discovered in SageCRM 7.x before 7.3 SP3. The Component Manager functionality, provided by SageCRM, permits additional components to be added to the application to enhance provided functionality. This functionality allows a zip file to be uploaded, containing a valid .ecf component...