49 matches found
CVE-2025-10010
The CVE affects the CPSD CryptoPro Secure Disk: during boot, a small Linux OS validates integrity via IMA, but configuration files are not validated by IMA. This can allow an attacker with physical access to alter config files on the unencrypted partition, enabling arbitrary code execution as roo...
CVE-2025-60262
In the H3C M102G HM1A0V200R010 wireless controller and BA1500L SWBA1A0V100R006 wireless access point, there is a misconfiguration vulnerability in vsftpd. Through this vulnerability, all files uploaded anonymously via the FTP protocol are automatically owned by the root user and remote...
EUVD-2013-1436
Malware in sbrugna...
EUVD-2012-6568
Malware in sbrugna...
EUVD-2025-23699
Malicious code in bioql PyPI...
EUVD-2021-30348
Malicious code in bioql PyPI...
EUVD-2023-36455
Malicious code in bioql PyPI...
CVE-2025-8645 Kenwood DMX958XR Firmware Update Command Injection Vulnerability
Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...
CVE-2025-20284
A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as root. This vulnerability is due to insufficient validation of user-supplied input. An attacker with valid credentials coul...
CVE-2021-23147
Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART console. A malicious actor with physical access to the device is able to connect to the UART port via a serial connection and execute commands as the root user without authentication...
CVE-2025-1122
Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 15753.50.0 stable on Cr50 Boards allows an attacker with root access to gain persistence and Bypass operating system verification via exploiting the NVRead functionality during the Challenge-Response process...
PT-2025-16113 · Debian +1
Name of the Vulnerable Software and Affected Versions: Taegis Endpoint Agent Linux versions prior to 1.3.10. Description: A code injection issue in the Debian package component allows local users to execute arbitrary code as root. This issue does not affect Redhat-based systems that use RPM...
Exploit for Uncontrolled Search Path Element in Needrestart_Project Needrestart
CVE-2024-48990 introduction This vulnerability takes advant...
New Android Spyware LianSpy Evades Detection Using Yandex Cloud
Users in Russia have been the target of a previously undocumented Android post-compromise spyware called LianSpy since at least 2021. Cybersecurity vendor Kaspersky, which discovered the malware in March 2024, noted its use of Yandex Cloud, a Russian cloud service, for command-and-control (C2)...
Design/Logic Flaw
PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...
Vulnerabilities fixed in Cisco Identity Services Engine
Cisco has fixed vulnerabilities in the Identity Services Engine (ISE). A malicious party could potentially exploit the vulnerabilities to obtain sensitive data, or execute arbitrary code with root privileges. To obtain sensitive data, the malicious party must be authenticated to the management...
IBM Security Guardium Improper Access Control Vulnerability
IBM Security Guardium is a comprehensive data protection solution that offers a full range of data security features from compliance support to dynamic data shielding. An improper access control vulnerability exists in IBM Security Guardium 11.2. An attacker could exploit the vulnerability to gai...
SUSE-SU-2017:2498-1 Security update for Linux Kernel Live Patch 20 for SLE 12
This update for the Linux Kernel 3.12.61-5269 fixes several issues. The following security bugs were fixed: - CVE-2017-1000112: Prevent a race condition in net-packet code that could have been exploited by unprivileged users to gain root access bsc1052368...
CVE-2011-1352
The CVE-2011-1352 issue affects the PowerVR SGX driver used in Android prior to 2.3.6. A local attacker can trigger kernel memory corruption via the pvrsrvkm device by supplying crafted user data, enabling privilege escalation to root. Multiple connected sources (including Levitator exploit code,...
Xmame 0.102 - '-pb/-lang/-rec' Local Buffer Overflow
xmame-expl.c by sj. On 20th of Jan it came to my attention that Xmame suffered from several buffer overflow problems. Thinking this issue was resolved, I installed Xmame on my Ubuntu laptop, from the Ubuntu repositories which installed a vulnerable version of Xmame. This is what...