Deciso OPNsense 跨站请求伪造漏洞

Deciso OPNsense is a set of open-source firewall and routing software based on FreeBSD developed by the Dutch company Deciso. Versions of Decivo OPNsense prior to 26.1.4 contained a cross-site request forgery vulnerability. This vulnerability stemmed from multiple OPNsense MVC API endpoints, whic...

EUVD-2012-0972

Malware in sbrugna...

EUVD-2025-14029

Malicious code in bioql PyPI...

PT-2025-32672 · Ami · Ami Aptiov

Name of the Vulnerable Software and Affected Versions: AMI APTIOV affected versions not specified Description: AMI APTIOV BIOS contains a flaw that allows a local user to cause an “Improper Initialization” condition. Successful exploitation may result in an unexpected system state, potentially...

CVE-2025-0505

On Arista CloudVision systems virtual or physical on-premise deployments, Zero Touch Provisioning can be used to gain admin privileges on the CloudVision system, with more permissions than necessary, which can be used to query or manipulate system state for devices under management. Note that...

CVE-2024-48866

An improper handling of URL encoding Hex Encoding vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to run the system into unexpected state. We have already fixed the vulnerability in the following...

RLSA-2023:0837 Moderate: systemd security and bug fix update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

K46603852: Intel CPU vulnerability CVE-2017-5691

Security Advisory Description Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect...

CVE-2022-38124

Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner...

CVE-2022-38124

Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner...

CVE-2022-38124 Unwanted debug tool

Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner...

CVE-2022-38124

CVE-2022-38124 concerns Secomea SiteManager. Documents describe a debugging tool that, when accessed by a logged-in administrator, allows modification of the system state in an unintended manner. Concrete impact details are limited to this behavior; no explicit exploitation, affected versions, ro...

PT-2022-24218 · Secomea · Secomea Sitemanager

Name of the Vulnerable Software and Affected Versions: Secomea SiteManager affected versions not specified Description: The issue allows a logged-in administrator to modify the system state in an unintended manner through a debug tool. Recommendations: At the moment, there is no information about...

CVE-2022-31225

Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures...

CVE-2022-31220

Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures...

Dell BIOS 安全漏洞

Dell BIOS is embedded software on a small memory chip on the motherboard of a computer from Dell USA. The Dell BIOS contains a security vulnerability that can be exploited by attackers to change the state of the system or cause unexpected failures...

CVE-2022-31221

Dell BIOS versions contain an Information Exposure vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order access sensitive state information on the system...

CVE-2022-31220

Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures...

User Could Change The State Of The System While In Pause Mode

Lines of code Vulnerability details Proof-of-Concept Calling NibblVault.updateTWAP function will change the state of the system. It will cause the TWAP to be updated and buyout to be rejected in certain condition. When the system is in Pause mode, the system state should be frozen. However, it wa...

CVE-2022-1318

Hills ComNav version 3002-19 suffers from a weak communication channel. Traffic across the local network for the configuration pages can be viewed by a malicious actor. The size of certain communications packets are predictable. This would allow an attacker to learn the state of the system if the...