
7896 matches found

Positive Technologies
added 2025/06/27 12:0 a.m. · 6 views

PT-2025-27247 · Trendmakers · Trendmakers Sight Bulb Pro

Name of the Vulnerable Software and Affected Versions: TrendMakers Sight Bulb Pro (affected versions not specified). Description: The issue arises during the initial setup of the device, where the user connects to an access point broadcast by the Sight Bulb Pro. During this negotiation, AES Encrypti...

CVSS 7.6 · AI score 7.1 · EPSS 0.00078
Exploits: 0 · References: 6

GithubExploit
added 2025/06/25 6:59 a.m. · 231 views

Exploit for CVE-2024-38819

CVE-2024-38819: Proof of Concept (PoC). This is a proof of con...

CVSS 7.5 · AI score 7.5 · EPSS 0.54862
Exploits: 6

OSV
added 2025/06/24 3:15 p.m. · 3 views

CVE-2025-6568

A vulnerability classified as critical has been found in TOTOLINK EX1200T 4.1.2cu.5232B20210713. Affected is an unknown function of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to...

CVSS 8.7 · AI score 6.2 · EPSS 0.00789
Exploits: 1 · References: 6

F5 Networks
added 2025/06/23 6:27 p.m. · 8 views

K000152019: Python Setup Tools vulnerability CVE-2024-6345

Security Advisory Description: A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers,...

CVSS 8.8 · AI score 8.1 · EPSS 0.01939
Exploits: 0

CNNVD
added 2025/06/23 12:0 a.m. · 4 views

NCR Atleos Terminal Handler security vulnerability

NCR Atleos Terminal Handler is an ATM enterprise software solution from NCR Atleos that reduces costs, improves business agility and increases your competitive advantage. A security vulnerability exists in NCR Atleos Terminal Handler version 1.5.1, which stems from an improperly configured system...

CVSS 9.8 · AI score 6.8 · EPSS 0.00451
Exploits: 1 · References: 3

BDU FSTEC
added 2025/06/23 12:0 a.m. · 5 views

The vulnerability of the software for configuring and setting up devices of the Universal Relay (UR) series, GE Vernova Enervista UR Setup, stems from the lack of authenticity verification for a critical function. This allows attackers to carry out “man-in-the-middle” type attacks.

The vulnerability of the software for configuring and setting up Universal Relay UR devices from GE Vernova Enervista UR Setup is related to the lack of authenticity verification for a critical function. Exploiting this vulnerability allows an attacker who operates remotely to carry out...

CVSS 8.3 · AI score 5.5 · EPSS 0.00266
Exploits: 0 · References: 4 · Affected Software: 1

BDU FSTEC
added 2025/06/23 12:0 a.m. · 4 views

The vulnerability of the software for configuring and setting up Universal Relay (UR) devices from GE Vernova Enervista UR Setup lies in the authentication procedures’ deficiencies, which allow attackers to influence the integrity of the protected information.

The vulnerability of the software for configuring and setting up devices of the Universal Relay UR series from GE Vernova Enervista UR Setup is related to deficiencies in the authentication process. Exploiting this vulnerability could allow attackers to compromise the integrity of the protected...

CVSS 8 · AI score 5.5 · EPSS 0.00177
Exploits: 0 · References: 3 · Affected Software: 1

BDU FSTEC
added 2025/06/23 12:0 a.m. · 8 views

The vulnerability of the software for configuring and setting up devices of the UR series from GE Vernova Enervista UR Setup lies in the use of rigidly encrypted credentials. This allows a malicious individual to influence the integrity of the protected information.

The vulnerability of the software for configuring and setting up devices of the Universal Relay UR series from GE Vernova Enervista UR Setup lies in the use of rigidly encrypted credentials. Exploiting this vulnerability could allow an attacker to influence the integrity of the protected...

CVSS 8 · AI score 5.5 · EPSS 0.00143
Exploits: 0 · References: 3 · Affected Software: 1

OSV
added 2025/06/21 9:15 a.m. · 4 views

CVE-2025-6402

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack...

CVSS 8.7 · AI score 6.3 · EPSS 0.00759
Exploits: 1 · References: 5

Packet Storm News
added 2025/06/21 12:0 a.m. · 3 views

From LLMs to MLLMs to Agents: a Survey of Emerging Paradigms in Jailbreak Attacks and Defenses within LLM Ecosystem

Large language models (LLMs) are rapidly evolving from single-modal systems to multimodal LLMs and intelligent agents, significantly expanding their capabilities while introducing increasingly severe security risks. This paper presents a systematic survey of the growing complexity of jailbreak...

AI score 6.7
Exploits: 0

OSV
added 2025/06/20 10:15 p.m. · 5 views

CVE-2025-6370

A vulnerability classified as critical was found in D-Link DIR-619L 2.06B01. Affected by this vulnerability is the function formWlanGuestSetup of the file /goform/formWlanGuestSetup. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack can be launched remotely...

CVSS 8.7 · AI score 6.4 · EPSS 0.00849
Exploits: 1 · References: 5

BDU FSTEC
added 2025/06/20 12:0 a.m. · 6 views

The vulnerability of the Cisco AnyConnect VPN server in the firmware for Cisco Meraki MX and Cisco Meraki Z series network devices, known as Teleworker Gateway, allows an intruder to cause a service failure.

The vulnerability of the Cisco AnyConnect VPN server of the firmware for Cisco Meraki MX and Cisco Meraki Z series Teleworker Gateways is related to the use of an uninitialized variable during the establishment of an SSL VPN session. Exploiting this vulnerability can allow a malicious actor...

CVSS 8.6 · AI score 5.5 · EPSS 0.00477
Exploits: 0 · References: 2 · Affected Software: 1

CNNVD
added 2025/06/20 12:0 a.m. · 6 views

D-Link DIR-619L security vulnerability

The D-Link DIR-619L is a wireless router designed for home and small office environments, utilizing the IEEE 802.11n wireless standard with a maximum transmission rate of 300Mbps. A stack overflow vulnerability exists in the D-Link DIR-619L /goform/formWlanGuestSetup, which stems from improperly...

CVSS 9 · AI score 8 · EPSS 0.00849
Exploits: 1 · References: 5

OSV
added 2025/06/19 5:24 p.m. · 6 views

CLSA-2025-1750353839 kernel: Fix of 6 CVEs

- pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (CVE-2025-21702)
- xfs: add bounds checking to xlog_recover_process_data (CVE-2024-41014)
- netfilter: validate user input for expected length (CVE-2024-35896)
- nfs: fix UAF in direct writes (CVE-2024-26958)
- Squashfs: check the inode number is not the...

CVSS 7.8 · AI score 6.8 · EPSS 0.0028
Exploits: 0 · References: 1

SUSE CVE
added 2025/06/19 3:42 a.m. · 5 views

SUSE CVE-2022-50091

In the Linux kernel, the following vulnerability has been resolved: locking/csd_lock: Change csdlock_debug from early_param to __setup. The csdlock_debug kernel-boot parameter is parsed by the early_param() function csdlock_debug(). If set, csdlock_debug() invokes static_branch_enable() to enable csd_lock_wait feature...

CVSS 5.5 · AI score 7.5 · EPSS 0.00203
Exploits: 0 · References: 6

OSV
added 2025/06/18 11:15 a.m. · 2 views

DEBIAN-CVE-2022-50134

In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: fix potential memory leak in setup_base_ctxt(). setup_base_ctxt() allocates a memory chunk for uctxt->groups with hfi1_alloc_ctxt_rcv_groups(). When init_user_ctxt() fails, uctxt->groups is not released, which will lead to a memory leak. W...

CVSS 5.5 · AI score 5.3 · EPSS 0.00204
Exploits: 0 · References: 1

NVD
added 2025/06/18 11:15 a.m. · 7 views

CVE-2022-50106

In the Linux kernel, the following vulnerability has been resolved: powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address. of_get_next_parent() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() in the error path to avoid...

CVSS 5.5 · EPSS 0.00159
Exploits: 0 · References: 8

OSV
added 2025/06/18 11:15 a.m. · 3 views

DEBIAN-CVE-2022-50091

In the Linux kernel, the following vulnerability has been resolved: locking/csd_lock: Change csdlock_debug from early_param to __setup. The csdlock_debug kernel-boot parameter is parsed by the early_param() function csdlock_debug(). If set, csdlock_debug() invokes static_branch_enable() to enable csd_lock_wait feature...

CVSS 5.5 · AI score 5.5 · EPSS 0.00203
Exploits: 0 · References: 1

OSV
added 2025/06/18 11:15 a.m. · 1 views

UBUNTU-CVE-2022-50091

In the Linux kernel, the following vulnerability has been resolved: locking/csd_lock: Change csdlock_debug from early_param to __setup. The csdlock_debug kernel-boot parameter is parsed by the early_param() function csdlock_debug(). If set, csdlock_debug() invokes static_branch_enable() to enable csd_lock_wait feature...

CVSS 5.5 · AI score 6.1 · EPSS 0.00203
Exploits: 0 · References: 6

OSV
added 2025/06/18 11:15 a.m. · 4 views

UBUNTU-CVE-2022-50138

In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr(). __qedr_alloc_mr() allocates a memory chunk for "mr->info.pbl_table" with init_mr_info(). When rdma_alloc_tid() and rdma_register_tid() fail, "mr" is released while "mr->info.pbl_table" is not release...

CVSS 5.5 · AI score 6 · EPSS 0.00203
Exploits: 0 · References: 7