24 matches found
CVE-2025-15573 Missing Certificate Validation for Solax Power Pocket WiFi models MQTT Cloud Connection
The affected devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in the Alibaba Cloud mqtt001.solaxcloud.com, TCP 8883. This allows attackers in a man-in-the-middle position to act as the legitimate MQTT server and issue arbitrary commands to...
EUVD-2020-0090
Malware in sbrugna...
SUSE CVE-2020-26215
Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously crafted links can only be reasonably made for know...
GHSA-GRFJ-WJV9-4F9V Open redirect in Jupyter Server
Impact What kind of vulnerability is it? Who is impacted? Open redirect vulnerability - a maliciously crafted link to a jupyter server could redirect the browser to a different website. All jupyter servers are technically affected, however, these maliciously crafted links can only be reasonably...
Open redirect in Jupyter Server
Impact What kind of vulnerability is it? Who is impacted? Open redirect vulnerability - a maliciously crafted link to a jupyter server could redirect the browser to a different website. All jupyter servers are technically affected, however, these maliciously crafted links can only be reasonably...
Open redirect
Jupyter Server before version 1.0.6 has an Open redirect vulnerability. A maliciously crafted link to a jupyter server could redirect the browser to a different website. All jupyter servers are technically affected, however, these maliciously crafted links can only be reasonably made for known...
CVE-2020-26232
Jupyter Server before version 1.0.6 has an Open redirect vulnerability. A maliciously crafted link to a jupyter server could redirect the browser to a different website. All jupyter servers are technically affected, however, these maliciously crafted links can only be reasonably made for known...
CVE-2020-26232 Open redirect in Jupyter Server
Jupyter Server before version 1.0.6 has an Open redirect vulnerability. A maliciously crafted link to a jupyter server could redirect the browser to a different website. All jupyter servers are technically affected, however, these maliciously crafted links can only be reasonably made for known...
Open redirect in Jupyter Notebook
Impact What kind of vulnerability is it? Who is impacted? Open redirect vulnerability - a maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously crafted links can only be reasonably...
ntp: DoS on client ntpd using server mode packet
A flaw was found in the Network Time Protocol (NTP), where a security issue exists that allows an off-path attacker to prevent the Network Time Protocol daemon (ntpd) from synchronizing with NTP servers not using authentication. A server mode packet with a spoofed source address sent to the client nt...
ALPINE-CVE-2018-5732
Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server or an entity masquerading as a server to cause a buffer overflow and resulting crash in dhclient by sending a response containing a specially constructed options section. Affects ISC DHCP versions...
IBM Rational ClearQuest Man-in-the-Middle Attack Vulnerability
IBM Rational ClearQuest is a suite of Application Lifecycle Management (ALM) software from IBM, USA. The software provides defect tracking, process customization, and real-time reporting for applications to improve visibility and control of the development cycle. A man-in-the-middle attack...
SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure and SoftControl/SafenSoft Enterprise Suite Unauthorized Operation Vulnerabilities
SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite are Russian SAFE'N'SEC's proactive defense-capable malware applications. SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft...
Circle with Disney Remote Code Execution Vulnerability (CNVD-2017-33180)
Circle with Disney is a set of network monitoring and management devices for monitoring children's online behavior from Circle Media, Inc. in the United States. A remote code execution vulnerability exists in the database update feature in Circle with Disney version 2.0.1. The vulnerability can b...
Microsoft Windows SMBv3 Denial of Service Vulnerability
SMB is a network file-sharing protocol that allows applications and end users to access file resources from a remote file server. Microsoft Windows is a popular operating system. A denial of service vulnerability exists in Microsoft Windows SMBv3. An attacker can launch a denial of service attack ...
SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:1568-1)
ntp was updated to version 4.2.8p8 to fix 17 security issues. These security issues were fixed : - CVE-2016-4956: Broadcast interleave bsc982068. - CVE-2016-2518: Crafted addpeer with hmode 7 causes array wraparound with MATCHASSOC bsc977457. - CVE-2016-2519: ctlgetitem return value not always...
openSUSE Security Update : ntp (openSUSE-2016-727)
ntp was updated to fix five security issues. These security issues were fixed : - CVE-2016-4953: Bad authentication demobilizes ephemeral associations bsc982065. - CVE-2016-4954: Processing spoofed server packets bsc982066. - CVE-2016-4955: Autokey association reset bsc982067. - CVE-2016-4956:...
SUSE-SU-2016:1568-1 Security update for ntp
ntp was updated to version 4.2.8p8 to fix 17 security issues. These security issues were fixed: - CVE-2016-4956: Broadcast interleave bsc982068. - CVE-2016-2518: Crafted addpeer with hmode 7 causes array wraparound with MATCHASSOC bsc977457. - CVE-2016-2519: ctlgetitem return value not always...
Siemens COMPAS Mobile Application Input Validation Vulnerability
Siemens COMPAS Mobile application for Android is an Android-based application from Siemens for quickly searching and viewing existing quotations and orders as well as generating reports and drawings. A security vulnerability exists in versions 1.5 and earlier of the Siemens COMPAS Mobile...
Stack overflow
Multiple stack-based buffer overflows in Novell GroupWise Messenger GWIM Client before 2.0.3 HP1 for Windows allow remote attackers to execute arbitrary code via "spoofed server responses" that contain a long string after the NMASZTRANSACTIONID field name...