EUVD-2026-32520

Nocturne Memory is a lightweight, rollbackable, and visual Long-Term Memory Server for MCP Agents. Prior to 2.4.1, when APITOKEN is unset or empty, the BearerTokenAuthMiddleware bypasses authentication for all HTTP requests. Combined with the default 0.0.0.0 host binding and CORS alloworigins="",...

CVE-2026-0539 Local Privilege Escalation in pcvisit service client

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all...

EUVD-2020-30868

Quick 'n Easy FTP Service 3.2 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code during service startup. Attackers can exploit the misconfigured service binary path to inject malicious executables with elevated LocalSystem privileges during syste...

CVE-2025-71108

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect numconnectors capability The UCSI spec states that the numconnectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it...

CVE-2023-54256

The CVE-2023-54256 entry ties to a Linux kernel vulnerability in the USB host controller (dwc3) where the device-side reset could be incorrectly issued during boot in host-only configurations. The issue stems from the core/PHY power-off handling in host mode; a race or uninitialized current dual-...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988870)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988870 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: do not complete dpauxcmdfifotx if irq is not for aux transfer There are 3 possible...

EUVD-2002-2084

Malware in sbrugna...

EUVD-2024-25985

Malicious code in bioql PyPI...

EUVD-2023-45122

Malicious code in bioql PyPI...

EUVD-2025-13931

Malicious code in bioql PyPI...

EUVD-2023-45121

Malicious code in bioql PyPI...

SUSE CVE-2025-39709

In the Linux kernel, the following vulnerability has been resolved: media: venus: protect against spurious interrupts during probe Make sure the interrupt handler is initialized before the interrupt is registered. If the IRQ is registered before hficreate, it's possible that an interrupt fires...

Linux Distros Unpatched Vulnerability : CVE-2025-39709

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: venus: protect against spurious interrupts during probe Make sure the interrupt handler is initialized before the interrupt is registered. If the IRQ is...

CVE-2025-39709 media: venus: protect against spurious interrupts during probe

In the Linux kernel, the following vulnerability has been resolved: media: venus: protect against spurious interrupts during probe Make sure the interrupt handler is initialized before the interrupt is registered. If the IRQ is registered before hficreate, it's possible that an interrupt fires...

PT-2025-31647 · Unknown +1 · Ak-Nord Usb-Server-Lxl +1

Name of the Vulnerable Software and Affected Versions: AK-Nord USB-Server-LXL Firmware version 0.0.16 Build 2023-03-13 Description: Insecure permissions within the /etc/init.d/lighttpd script allow a locally authenticated low-privilege user to execute arbitrary commands with root privileges. This...

NewStart CGSL MAIN 7.02 : shim Multiple Vulnerabilities (NS-SA-2025-0179)

The remote NewStart CGSL host, running version MAIN 7.02, has shim packages installed that are affected by multiple vulnerabilities: - A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's...

[SECURITY] Fedora 42 Update: microcode_ctl-2.1-70.fc42

The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...

CVE-2022-1892

A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code...

CVE-2025-4043

An admin user can gain unauthorized write access to the /etc/rc.local file on the device, which is executed on a system boot...

CVE-2025-4043

An admin user can gain unauthorized write access to the /etc/rc.local file on the device, which is executed on a system boot...