EUVD-2005-3655

Malware in sbrugna...

EUVD-2025-13669

Malicious code in bioql PyPI...

CVE-2021-23176

Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...

CVE-2011-0183

Libinfo in Apple Mac OS X before 10.6.7 does not properly handle an unspecified integer field in an NFS RPC packet, which allows remote attackers to cause a denial of service lockd, statd, mountd, or portmap outage via a crafted packet, related to an "integer truncation issue."...

CVE-2025-32397

An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet...

CVE-2025-32400

An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet...

CVE-2025-32405

RT-Labs P-Net is a PROFINET stack. CVE-2025-32405 describes an Out-of-bounds Write in P-Net v1.0.1 and earlier that can crash IO devices by sending a malicious RPC packet. The issue is a memory write beyond the connection buffer, leading to device disruption (DoS). Exploitation is via network acc...

CVE-2025-32404

CVE-2025-32404 describes an out-of-bounds write in RT-Labs P-Net prior to or at 1.0.1 that can corrupt the memory of IO devices using the library when a malicious RPC packet is sent. The issue affects RT-Labs P-Net versions 1.0.1 and earlier and is exploitable over network, enabling memory corrup...

CVE-2025-32397

An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet...

CVE-2025-32397

CVE-2025-32397 describes a heap-based buffer overflow in RT-Labs P-Net

CVE-2025-32396

CVE-2025-32396 describes a heap-based buffer overflow in RT-Labs P-Net (versions ≤ 1.0.1) that can crash IO devices using the library when a malicious RPC packet is sent. The vulnerability is network-exploitable via the RPC endpoint; no exploit details are provided in the documents. Connected sou...

PT-2025-20025 · Rt · Rt-Labs P-Net

Name of the Vulnerable Software and Affected Versions: RT-Labs P-Net versions 1.0.1 and earlier Description: A heap-based buffer overflow in RT-Labs P-Net allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet. Recommendations: For RT-Labs...

PT-2025-20027 · Rt · Rt-Labs P-Net

Name of the Vulnerable Software and Affected Versions: RT-Labs P-Net versions 1.0.1 and earlier Description: The issue allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet. This is due to an out-of-bounds write in the affected software...

BIT-ODOO-2021-23176

Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...

NimExec - Fileless Command Execution For Lateral Movement In Nim

Basically, NimExec is a fileless remote command execution tool that uses The Service Control Manager Remote Protocol MS-SCMR. It changes the binary path of a random or given service run by LocalSystem to execute the given command on the target and restores it later via hand-crafted RPC packets...

Remote Code Execution (RCE)

netatalk is vulnerable to Remote Code Execution RCE. The vulnerability exists due to the lack of type checking in callers in the dallocvalueforkey function of the library, which leads to type confusion and allows an attacker to inject and execute malicious code by parsing maliciously crafted...

Improper Access Control

odoo is vulnerable to Improper Access Control. The vulnerability exists in reporting engine of l10nfrfec module, which allows an attacker to extract accounting information via crafted RPC packets...

CVE-2023-34967

A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol...

CVE-2021-23176

Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...

Improper access control

Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...