Cisco IOS XE Software Lobby Ambassador Privilege Escalation (cisco-sa-iosxe-lobby-privesc-KwxBqJy)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would...

CVE-2026-20083

CVE-2026-20083 describes a DoS vulnerability in the SCP server feature of Cisco IOS XE. An authenticated, low-privilege local attacker can trigger a reload via a crafted SCP command issued over SSH due to improper handling of a malformed request. The practical impact is a device DoS from unexpect...

CVE-2026-20125

A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. This vulnerability is due to improper validation ...

quickswap-router-sdk (=1.0.0), quickswap-smart-order-router (=1.0.0) potentially affected by unknown CVE via quickswap-v2-sdk (=2.0.0)

quickswap-v2-sdk NPM version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on quickswap-v2-sdk and may be impacted: - quickswap-router-sdk =1.0.0 - quickswap-smart-order-router =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-191412...

EUVD-2008-0341

Malware in sbrugna...

EUVD-2001-0725

Malware in sbrugna...

EUVD-2023-50528

Malicious code in bioql PyPI...

CVE-2025-20313

Multiple vulnerabilities in Cisco IOS XE Software of could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. These vulnerabilities are due path...

The vulnerability of sub_54014 in Netgear EX6200 Wi-Fi router’s built-in software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of sub54014 in Netgear EX6200 Wi-Fi router’s built-in software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the formSafeEmailFilter() function in the microprogramming software for Tenda FH451 allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the formSafeEmailFilter function in the Tenda FH451 router software lies in the issue of the operation being executed outside the buffer in memory when processing the page parameter. Exploiting this vulnerability can allow a malicious actor to cause service failures or execut...

The vulnerability of the websGetVar function in the /goform/set_blacklist file of the LB-LINK router software allows a violator to gain full control over the device.

The vulnerability of the websGetVar function in the /goform/setblacklist file of the LB-LINK router microprogramming system exists due to the lack of measures to neutralize special elements used in the operating system command. Exploiting this vulnerability can allow a remote attacker to gain ful...

The vulnerability of the bs_SetDNSInfo() function in the libshare-0.0.26.so library of the LB-LINK router software allows a attacker to execute arbitrary commands.

The vulnerability of the bsSetDNSInfo function in the libshare-0.0.26.so library of the LB-LINK router software is related to the lack of data cleaning measures at the management level when processing the parameters dns1 and dns2. Exploiting this vulnerability allows a remote attacker to execute...

The vulnerability of the AT+MFPORTFWD command in the microprogramming software for Industrial Routers Microhard IPn4Gii-NA2 and BulletLTE-NA2 allows a hacker to enhance their privileges.

The vulnerability of the AT+MFPORTFWD command in the microprogramming software for Industrial Routers Microhard IPn4Gii-NA2 and BulletLTE-NA2 is related to the implementation or modification of certain arguments. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the check_language_file() function in Netgear’s JWNR2000v2 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the checklanguagefile function in Netgear JWNR2000v2 router microprogramming software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formNtp file in the microprogramming software for routers A702R, A3002R, and A3002RU allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formNtp file in the microprogramming software for routers A702R, A3002R, and A3002RU is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker ...

The vulnerability of the Telnet protocol implementation in the microprogramming-based router software Tenda RX2 Pro allows a hacker to bypass security restrictions and execute arbitrary commands.

The vulnerability of the Telnet protocol implementation in Tenda RX2 Pro microprogramming router software is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute arbitrary commands remotely...

The vulnerability of the formOneSidCfgSet function in the microprogramming software for Tenda AC500 allows a hacker to cause a service failure.

The vulnerability of the formOneSidCfgSet function in the Tenda AC500 router’s microprogramming software relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the setScheduleCfg function in the microprogramming software for TOTOLINK X5000R allows a hacker to execute arbitrary commands.

The vulnerability of the setScheduleCfg function in TOTOLINK X5000R router microprogramming software exists due to the lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by manipulating the hour parameter...

The vulnerability of the command-line interface of Cisco IOS XR allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the command-line interface of Cisco IOS XR systems is related to improper validation of arguments passed to a specific CLI command. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the I-O Data Device UD-LT1 and UD-LT1/EX router microprogramming software lies in the improper assignment of permissions for critical resources, allowing a perpetrator to gain unauthorized access to protected information.

The vulnerability of the I-O Data Device UD-LT1 and UD-LT1/EX router microprogramming software is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...