7923 matches found

OSSF Malicious Packages
added 2026/04/13 10:3 p.m., 4 views

Malicious code in robase-install (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e1076baa8ca4cabd7ae4b1caafa04658a6f7a1c80f52d25de958412ec5d11661 The package is part of a malicious campaign, but was removed before the malicious code got embedded inside. --- Category: MALICIOUS - The campaign has clearly...

6 AI score
Exploits 0, References 9
OSV
added 2026/04/13 10:3 p.m., 7 views

MAL-2026-2625 Malicious code in robase-install (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e1076baa8ca4cabd7ae4b1caafa04658a6f7a1c80f52d25de958412ec5d11661 The package is part of a malicious campaign, but was removed before the malicious code got embedded inside. --- Category: MALICIOUS - The campaign has clearly...

6 AI score
Exploits 0, References 9
EUVD
added 2026/04/13 6:30 p.m., 9 views

EUVD-2026-22034

A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is the function sub410188 of the file /boafrm/formWlanSetup of the component HTTP Request Handler. This manipulation of the argument wan-url causes stack-based buffer overflow. Remote exploitation of...

9 CVSS, 6.2 AI score, 0.00472 EPSS
Exploits 0, References 6
RedhatCVE
added 2026/04/13 5:25 p.m., 5 views

CVE-2026-31426

A flaw was found in the Linux kernel's Advanced Configuration and Power Interface ACPI Embedded Controller EC subsystem. During the setup of the EC handler, if a probe deferral occurs on specific hardware, the system fails to properly deallocate resources. This oversight creates a use-after-free...

7 CVSS, 5.8 AI score, 0.00111 EPSS
Exploits 0, References 4
ATTACKERKB
added 2026/04/13 5:15 p.m., 1 views

CVE-2026-6194

A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is the function sub410188 of the file /boafrm/formWlanSetup of the component HTTP Request Handler. This manipulation of the argument wan-url causes stack-based buffer overflow. Remote exploitation of...

9 CVSS, 6.2 AI score, 0.00472 EPSS
Exploits 0, References 5
GithubExploit
added 2026/04/13 2:36 p.m., 110 views

Exploit for CVE-2025-66849

CVE-2025-66849 Ghost CMS Privilege Escalation PoC Summar...

5.8 AI score
Exploits 1
Positive Technologies
added 2026/04/13 12:0 a.m., 4 views

PT-2026-32488

A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is the function sub 410188 of the file /boafrm/formWlanSetup of the component HTTP Request Handler. This manipulation of the argument wan-url causes stack-based buffer overflow. Remote exploitation o...

9 CVSS, 7.8 AI score, 0.00472 EPSS
Exploits 0, References 6
CNNVD
added 2026/04/13 12:0 a.m., 3 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the acpiecsetup function not properly cleaning up the handler when detection fails, potentially...

7 CVSS, 5.8 AI score, 0.00111 EPSS
Exploits 0, References 6
OSSF Malicious Packages
added 2026/04/12 9:39 p.m., 4 views

Malicious code in bloxy-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 943946978741dfa911109b549544e9c3fc70eb20bd14505039ea3d0f52625d77 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

6 AI score
Exploits 0, References 9
OSV
added 2026/04/12 9:39 p.m., 5 views

MAL-2026-2569 Malicious code in bloxy-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 943946978741dfa911109b549544e9c3fc70eb20bd14505039ea3d0f52625d77 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

6 AI score
Exploits 0, References 9
OSSF Malicious Packages
added 2026/04/12 9:27 p.m., 4 views

Malicious code in robase-app (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 596d80290905c61841be2afc4bb833850683b152c52f8e58bce3faa32afe7deb During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

6 AI score
Exploits 0, References 9
OSV
added 2026/04/12 9:27 p.m., 4 views

MAL-2026-2570 Malicious code in robase-app (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 596d80290905c61841be2afc4bb833850683b152c52f8e58bce3faa32afe7deb During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

6 AI score
Exploits 0, References 9
EUVD
added 2026/04/12 3:30 p.m., 3 views

EUVD-2019-20139

Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials by tricking authenticated users into submitting malicious requests. Attackers can craft HTML forms targeting the networkSetup.htm endpoint with parameters...

5.3 CVSS, 5.7 AI score, 0.00129 EPSS
Exploits 1, References 3
EUVD
added 2026/04/12 3:30 p.m., 6 views

EUVD-2019-20126

Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can inject a crafted payload into the Save Path for Snapshot and Record file field t...

8.6 CVSS, 6.4 AI score, 0.00156 EPSS
Exploits 0, References 4
NVD
added 2026/04/12 1:16 p.m., 5 views

CVE-2019-25691

Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can inject a crafted payload into the Save Path for Snapshot and Record file field t...

8.6 CVSS, 0.00156 EPSS
Exploits 0, References 3
Cvelist
added 2026/04/12 12:28 p.m., 29 views

CVE-2019-25708 Heatmiser Wifi Thermostat 1.7 Cross-Site Request Forgery

Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials by tricking authenticated users into submitting malicious requests. Attackers can craft HTML forms targeting the networkSetup.htm endpoint with parameters...

5.3 CVSS, 0.00129 EPSS
Exploits 1, References 2
ATTACKERKB
added 2026/04/12 12:28 p.m., 3 views

CVE-2019-25708

Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials by tricking authenticated users into submitting malicious requests. Attackers can craft HTML forms targeting the networkSetup.htm endpoint with parameters...

5.3 CVSS, 5.7 AI score, 0.00129 EPSS
Exploits 1, References 2, Affected Software 1
CVE
added 2026/04/12 12:28 p.m., 12 views

CVE-2019-25708

Heatmiser Wifi Thermostat 1.7 is affected by a cross-site request forgery (CSRF) that lets an attacker change administrator credentials by deceiving an authenticated user into submitting a crafted request to networkSetup.htm with parameters usnm, usps, and cfps. This can modify the admin username...

5.3 CVSS, 5.7 AI score, 0.00129 EPSS
Exploits 1, References 2, Affected Software 1
Vulnrichment
added 2026/04/12 12:28 p.m., 1 views

CVE-2019-25691 Faleemi Desktop Software 1.8 Local Buffer Overflow SEH DEP Bypass

Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can inject a crafted payload into the Save Path for Snapshot and Record file field t...

8.6 CVSS, 6.4 AI score, 0.00156 EPSS
Exploits 0, References 3
CVE
added 2026/04/12 12:28 p.m., 4 views

CVE-2019-25691

CVE-2019-25691 affects Faleemi Desktop Software 1.8. The vulnerability is a local buffer overflow in the System Setup dialog that enables DEP bypass through structured exception handling. An attacker can inject a crafted payload into the Save Path for Snapshot and Record file field to trigger a b...

8.6 CVSS, 6.4 AI score, 0.00156 EPSS
Exploits 0, References 3