26 matches found
CVE-2025-61228
An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism...
EUVD-2018-17982
Malware in sbrugna...
EUVD-2018-1500
Malware in sbrugna...
EUVD-2013-3600
Malware in sbrugna...
EUVD-2025-19127
Malicious code in bioql PyPI...
EUVD-2023-54442
Malicious code in bioql PyPI...
CVE-2025-5832
Pioneer DMH-WT7600NEX Software Update Signing Insufficient Verification of Data Authenticity Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this...
CVE-2025-5832
Pioneer DMH-WT7600NEX Software Update Signing Insufficient Verification of Data Authenticity Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this...
CVE-2025-5832
Pioneer DMH-WT7600NEX Software Update Signing insufficient verification of data authenticity is documented as a vulnerability. The flaw lies in the software update verification process where data in the update is not fully validated, allowing a physically present attacker to execute arbitrary cod...
CVE-2021-41848
An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It mishandles software updates such that local third-party apps can provide a spoofed software update file that contains an arbitrary shell script and arbitrary ARM binary, where both will be executed as the root user with an...
CVE-2020-11718
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. Its software-update packages are downloaded via cleartext HTTP...
istioctl-1.25.1-1.1 on GA media (moderate)
istioctl-1.25.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:14938-1 Rating: moderate Cross-References: CVE-2025-30157 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
SUSE-SU-2025:0574-1 Security update for emacs
This update for emacs fixes the following issues: - CVE-2025-1244: improper handling of custom 'man' URI schemes allow for shell command injections. bsc1237091...
CVE-2024-44231
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. A person with physical access to a Mac may be able to bypass Login Window during a software update...
BELL-CVE-2024-46763
Bulletin has no description...
CVE-2022-25768
The logic in place to facilitate the update process via the user interface lacks access control to verify if permission exists to perform the tasks. Prior to this patch being applied it might be possible for an attacker to access the Mautic version number or to execute parts of the upgrade proces...
SUSE-SU-2023:0696-1 Security update for tomcat
This update for tomcat fixes the following issues: - CVE-2023-24998: Fixed FileUpload DoS with excessive parts bsc1208513...
SUSE-SU-2023:0275-1 Security update for rubygem-activesupport-5_1
This update for rubygem-activesupport-51 fixes the following issues: - CVE-2023-22796: Fixed a potential denial of service when passing a crafted input to the underscore method due to an inefficient regular expression bsc1207454...
SUSE-SU-2022:0062-1 Security update for openexr
This update for openexr fixes the following issues: - CVE-2021-45942: Fixed heap-based buffer overflow in Imf31:LineCompositeTask:execute. bsc1194333...
The vulnerability of the software for updating Schneider Electric Software Update (SESU) lies in the possibility of restoring unreliable data in memory, allowing a hacker to execute arbitrary code.
The vulnerability of the software for updating Schneider Electric Software Update SESU involves the restoration of unreliable data in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...