CVE-2026-25933

The vulnerability CVE-2026-25933 affects Arduino App Lab prior to 0.4.0. The Terminal component fails to sanitize/validate _info.Serial and _info.Address data from connected hardware, allowing specially crafted strings to execute as the user when a tampered board is used. Exploitation requires ph...

CVE-2020-36940 Easy CD & DVD Cover Creator 4.13 - Denial of Service

Easy CD & DVD Cover Creator 4.13 contains a buffer overflow vulnerability in the serial number input field that allows attackers to crash the application. Attackers can generate a 6000-byte payload and paste it into the serial number field to trigger an application crash...

CVE-2025-68132

EVerest is an EV charging software stack. Prior to version 2025.12.0, ismessagecrccorrect in the DZGGSH01 powermeter SLIP parser reads vecvec.size-1 and vecvec.size-2 without checking that at least two bytes are present. Malformed SLIP frames on the serial link can reach ismessagecrccorrect with...

EUVD-2025-206323

EVerest is an EV charging software stack. Prior to version 2025.12.0, ismessagecrccorrect in the DZGGSH01 powermeter SLIP parser reads vecvec.size-1 and vecvec.size-2 without checking that at least two bytes are present. Malformed SLIP frames on the serial link can reach ismessagecrccorrect with...

CVE-2025-68132 EVerest has out-of-bounds read in DZG_GSH01 SLIP CRC parser that can crash powermeter driver

EVerest is an EV charging software stack. Prior to version 2025.12.0, ismessagecrccorrect in the DZGGSH01 powermeter SLIP parser reads vecvec.size-1 and vecvec.size-2 without checking that at least two bytes are present. Malformed SLIP frames on the serial link can reach ismessagecrccorrect with...

CVE-2025-68132

EVerest is an EV charging software stack. Prior to version 2025.12.0, ismessagecrccorrect in the DZGGSH01 powermeter SLIP parser reads vecvec.size-1 and vecvec.size-2 without checking that at least two bytes are present. Malformed SLIP frames on the serial link can reach ismessagecrccorrect with...

CVE-2025-68132

CVE-2025-68132 affects EVerest EV charging software stack. The issue lies in the DZG_GSH01 powermeter SLIP parser, where is_message_crc_correct reads vec[vec.size()-1] and vec[vec.size()-2] without verifying that at least two bytes exist. Malformed SLIP frames on the serial link can reach this fu...

PT-2026-3844

EVerest is an EV charging software stack. Prior to version 2025.12.0, is message crc correct in the DZG GSH01 powermeter SLIP parser reads vecvec.size-1 and vecvec.size-2 without checking that at least two bytes are present. Malformed SLIP frames on the serial link can reach is message crc correc...

CVE-2025-65231

Barix Instreamer v04.06 and earlier is vulnerable to Cross Site Scripting XSS in the Web UI I/O & Serial configuration page, specifically the CTS close command user-input field which is stored and later rendered on the Status page...

CVE-2025-8870 On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.

On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.153...

EUVD-2013-2743

Malware in sbrugna...