1810 matches found
CVE-2023-25183
In Snap One OvrC Pro versions prior to 7.2, when logged into the superuser account, a new functionality appears that could allow users to execute arbitrary commands on the hub device...
CVE-2023-31240
Snap One OvrC Pro versions prior to 7.2 have their own locally running web server accessible both from the local network and remotely. OvrC cloud contains a hidden superuser account accessible through hard-coded credentials...
CVE-2023-31245
Devices using Snap One OvrC cloud are sent to a web address when accessing a web management interface using a HTTP connection. Attackers could impersonate a device and supply malicious information about the device’s web server interface. By supplying malicious parameters, an attacker could redire...
CVE-2023-31241
Snap One OvrC cloud servers contain a route an attacker can use to bypass requirements and claim devices outright...
CVE-2023-40707
There are no requirements for setting a complex password in the built-in web server of the SNAP PAC S1 Firmware version R10.3b, which could allow for a successful brute force attack if users don't set up complex credentials...
coldsnap (>=0.4.0 <=0.5.1) potentially affected by unknown CVE via aws-sdk-ebs (>=0.16.0 <=0.24.0)
aws-sdk-ebs CARGO version =0.16.0, =0.4.0, =0.5.1 Source cves: unknown CVE Source advisory: OSV:GHSA-G59M-GF8J-GJF5...
PT-2026-8209
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's Ceph implementation where an invalid pointer is passed to the kfree function within the parse longname function. This occurs when reading Ceph snapsho...
PT-2026-25897
Name of the Vulnerable Software and Affected Versions Ubuntu 16.04 LTS affected versions not specified Ubuntu 18.04 LTS affected versions not specified Ubuntu 20.04 LTS versions prior to 2.67.1+20.04ubuntu1esm1 Ubuntu 22.04 LTS affected versions not specified Ubuntu 24.04 LTS versions prior to...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992875)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992875 advisory. In the Linux kernel, the following vulnerability has been resolved: ceph: don't leak snaprwsem in handlecapgrant When handlecapgrant is called on an IMPORT op, then...
snap7-rs 安全漏洞
snap7-rs is a library for C++ by the individual developer gmg137. A security vulnerability exists in snap7-rs, which stems from an incorrect operation of the function snap7rs::client::S7Client::download in the file client.rs, which could result in a heap buffer overflow...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992465)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992465 advisory. In the Linux kernel, the following vulnerability has been resolved: ceph: don't leak snaprwsem in handlecapgrant When handlecapgrant is called on an IMPORT op, then...
CVE-2025-13281
A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...
EUVD-2025-203308
A flaw has been found in gmg137 snap7-rs up to 1.142.1. This impacts the function TSnap7MicroClient::opWriteArea of the file s7microclient.cpp. Executing manipulation can lead to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be us...
CVE-2025-14673
A vulnerability has been found in gmg137 snap7-rs up to 1.142.1. Affected is the function snap7rs::client::S7Client::asctwrite of the file /tests/snap7-rs/src/client.rs. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to t...
CVE-2025-14672
A flaw has been found in gmg137 snap7-rs up to 1.142.1. This impacts the function TSnap7MicroClient::opWriteArea of the file s7microclient.cpp. Executing a manipulation can lead to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be...
CVE-2025-14672 gmg137 snap7-rs s7_micro_client.cpp opWriteArea heap-based overflow
A flaw has been found in gmg137 snap7-rs up to 1.142.1. This impacts the function TSnap7MicroClient::opWriteArea of the file s7microclient.cpp. Executing a manipulation can lead to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be...
CVE-2025-14330
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
CVE-2025-14333
Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...
CVE-2025-14332
Memory safety bugs present in Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 146 and Thunderbird 146...
CVE-2025-14324
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...