Malicious code in gradio-videotimeline (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4c60699afd7e95b0d638703849ef060a53327d2aa47f98909ced4e7327ffea3c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an out-of-bounds write during memory port configuration, which could lead to memory corruption...

PT-2025-40132

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc7-02243-gb84a13ff4eda Description A crash can occur in the Bluetooth stack when attempting to connect multiple ISO sockets without using DEFER SETUP. This issue is related to a null-ptr-deref in the hci...

CVE-2025-34231

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain a blind and non-blind server-side request forgery SSRF vulnerability. The '/var/www/app/consolerelease/hp/badgeSetup.php' script is reachable...

CVE-2025-34231

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain a blind and non-blind server-side request forgery SSRF vulnerability. The '/var/www/app/consolerelease/hp/badgeSetup.php' script is reachable...

CVE-2025-34223

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA/SaaS deployments contain a default admin account and an installation‑time endpoint at /admin/query/updatedatabase.php that can be accessed without authentication. An...

CVE-2025-34231

Vulation Print (PrinterLogic) SSRF vulnerability CVE-2025-34231 affects Vasion Print Virtual Appliance Host <25.1.102 and Application

CVE-2025-34231 Vasion Print (formerly PrinterLogic) SSRF via HP badgeSetup.php

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain a blind and non-blind server-side request forgery SSRF vulnerability. The '/var/www/app/consolerelease/hp/badgeSetup.php' script is reachable...

CVE-2025-34223

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA/SaaS deployments contain a default admin account and an installation‑time endpoint at /admin/query/updatedatabase.php that can be accessed without authentication. An...

CVE-2025-34223 Vasion Print (formerly PrinterLogic) Insecure Installation Credentials

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA/SaaS deployments contain a default admin account and an installation‑time endpoint at /admin/query/updatedatabase.php that can be accessed without authentication. An...

CVE-2025-34223

CVE-2025-34223 affects Vasion Print Virtual Appliance Host (pre-22.0.1049) and Vasion Print Application (pre-20.0.2786). An unauthenticated attacker can reach an installation-time endpoint at /admin/query/update_database.php, submit arbitrary root_user/root_password values, and replace the defaul...

D-Link DIR-823X Command Injection Vulnerability (CNVD-2025-23369)

The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability that originates from the misuse of the parameter macList in the file /goform/setwifiblacklists, which can be exploited by an attacker to cause remote command...

Vasion Print Virtual Appliance Host 安全漏洞

Vasion Print Virtual Appliance Host is a print management software from Vasion USA. A security vulnerability exists in Vasion Print Virtual Appliance Host versions prior to 25.1.102, which originates from the /var/www/app/consolerelease/hp/badgeSetup.php script being accessible without...

PT-2025-39888

Name of the Vulnerable Software and Affected Versions Vasion Print versions prior to 22.0.1049 Vasion Print Application versions prior to 20.0.2786 Description The Vasion Print Virtual Appliance Host and Application contain a default admin account and an installation-time endpoint at...

CVE-2025-5494

ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup. This issue affects Endpoint Central: through 11.4.2500.25, through 11.4.2508.13...

CVE-2025-35027

Multiple robotic products by Unitree sharing a common firmware, including the Go2, G1, H1, and B2 devices, contain a command injection vulnerability. By setting a malicious string when configuring the on-board WiFi via a BLE module of an affected robot, then triggering a restart of the WiFi...

Unitree多款产品 安全漏洞

Unitree Go2 and others are products of Unitree, a Chinese company.Unitree Go2 is a robot dog.Unitree G1 is a humanoid robot.Unitree H1 is a humanoid robot. A security vulnerability exists in various Unitree products that stems from unverified input when configuring onboard WiFi via a BLE module,...

CVE-2025-20293

A vulnerability in the Day One setup process of Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud 9800-CL could allow an unauthenticated, remote attacker to access the public-key infrastructure PKI server that is running on an affected device. This vulnerability is due...

CVE-2025-47329

Memory corruption while handling invalid inputs in application info setup...

CVE-2025-5494

ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup. This issue affects Endpoint Central: through 11.4.2500.25, through 11.4.2508.13...