CVE-2026-29125 IDC SFX2100 Satellite Receiver allows unprivileged modification of DNS configuration due to world-writable `/etc/resolv.conf`

IDC SFX2100 Satalite Recievers set the /etc/resolv.conf file to be world-writable by any local user, allowing DNS resolver tampering that can redirect network communications, facilitate man-in-the-middle attacks, and cause denial of service...

CVE-2025-69429

The ORICO NAS CD3510 version V1.9.12 and below contains an Incorrect Symlink Follow vulnerability that could be exploited by attackers to leak or tamper with the internal file system. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the...

EUVD-2017-8335

Malware in sbrugna...

EUVD-2017-8336

Malware in sbrugna...

EUVD-2024-47045

Malicious code in bioql PyPI...

EUVD-2021-8909

Malicious code in bioql PyPI...

Dell SupportAssist for Business PCs 安全漏洞

DELL SupportAssist for Business PCs is Dell's PC management solution for enterprise users, helping companies improve IT management efficiency and reduce O&M costs through AI-driven automated support, remote deployment and centralized control capabilities. An elevation of privilege vulnerability...

WordPress Lead Form Data Collection to CRM plugin elevation of privilege vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. An elevation of privilege vulnerability exists in the WordPress Lead Form Data Collection to CRM plugin, which stems from a missing capability check in the function...

CVE-2025-39201

CVE-2025-39201 refers to vulnerabilities in Hitachi Energy’s MicroSCADA X SYS600 affecting multiple subsystems (mailslot, monitors/logs, TLS certificate validation, and crafted IEC 61850 messages). Public sources (ICS advisories) indicate: a local access requirement can allow a local attacker to ...

CVE-2024-5913

An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges...

CVE-2024-5913

CVE-2024-5913 affects Palo Alto Networks PAN-OS. The issue is an improper input validation in PAN-OS software that enables an attacker with the ability to tamper with the physical file system to elevate privileges. The vulnerability is associated with a physical-access attack vector and has MEDIU...

Palo Alto Networks PAN-OS Security Vulnerability

Palo Alto Networks PAN-OS is a next-generation firewall software from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks PAN-OS that stems from the presence of an improper input validation vulnerability that allows an attacker to tamper with the physical file system to...

Fortinet FortiPortal File Upload Vulnerability

Fortinet FortiPortal is a hosted security analysis and management support tool for Fortinet's FortiGate, FortiWiFi and FortiAP product lines, available as a virtual machine for MSPs.Fortinet FortiPortal is vulnerable in versions 6.0.0 to 6.0.4, 5.3 .0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2...

22-Year-Old Charged With Hacking Water System and Endangering Lives

A 22-year-old man from the U.S. state of Kansas has been indicted on charges that he unauthorizedly accessed a public water facility's computer system, jeopardizing the residents' safety and health in the local community. Wyatt A. Travnichek, 22, of Ellsworth County, Kansas, has been charged with...

Input validation

The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit could allow the...