CVE-2026-23557 Xenstored DoS via XS_RESET_WATCHES command

Any guest can cause xenstored to crash by issuing a XSRESETWATCHES command within a transaction due to an assert triggering. In case xenstored was built with NDEBUG defined nothing bad will happen, as assert is doing nothing in this case. Note that the default is not to define NDEBUG for xenstore...

CVE-2026-33014

The CVE-2026-33014 entry describes a vulnerability in the EVerest EV charging software stack where, before version 2026.02.0, a delayed authorization response during RemoteStop processing resets the authorized flag to true, bypassing the stop_transaction() condition on PowerOff events. This allow...

CVE-2026-28230

SteVe is an open-source EV charging station management system. In versions up to and including 3.11.0, when a charger sends a StopTransaction message, SteVe looks up the transaction solely by transactionId a sequential integer starting from 1 without verifying that the requesting charger matches...

EUVD-2010-5098

Malware in sbrugna...

EUVD-2021-24057

Malware in sbrugna...

EUVD-2025-22323

Malicious code in bioql PyPI...

EUVD-2022-5615

Malicious code in bioql PyPI...

CVE-2025-10060

CVE-2025-10060 : MongoDB Server may allow upsert operations retried within a transaction to violate a unique index constraint, potentially causing an invariant failure and server crash during commit. Root cause: improper WriteUnitOfWork state management. Affected: MongoDB Server v6.0 before 6.0.2...

CVE-2025-46018

CSC Pay Mobile App 2.19.4 fixed in version 2.20.0 contains a vulnerability allowing users to bypass payment authorization by disabling Bluetooth at a specific point during a transaction. This could result in unauthorized use of laundry services and potential financial loss...

CVE-2025-6312

CVE-2025-6312 affects Campcodes Sales and Inventory System v1.0, with SQL injection in /pages/cash_transaction.php via the cid parameter. The vulnerability is exploitable remotely and exploits have been disclosed publicly. Multiple sources (including Red Hat and PT Security) indicate a lack of a ...

Namada-apps can Crash with Excessive Computation in Mempool Validation

Impact A malicious transaction may cause a crash in mempool validation. A transaction with authorization section containing 256 public keys or more with valid matching signatures triggers an integer overflow in signature verification that causes a the node to panic. Patches This issue has been...

IBM CICS TX 安全漏洞

IBM CICS TX is a comprehensive, single transaction runtime package from International Business Machines IBM. IBM CICS TX version 11.1 is vulnerable to an information disclosure vulnerability that stems from not setting security properties on authorization tokens or session cookies. An attacker...

CVE-2022-42325

Xenstore: Guests can create arbitrary number of nodes via transactions This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. In case a node has been created in a transaction and it is later deleted in the same transaction, t...

[M1] Incorrect amount of gas sent in _distributeFunds

Lines of code Vulnerability details Impact In case recipients consume more gas than expected the transaction could revert or cost can be too high. Proof of Concept According to the definition of the variable SENDVALUEGASLIMITMULTIPLERECIPIENTS you intend to use all that gas for all recipients. /...

CVE-2010-0270

The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate fields in SMB transaction responses, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and reboot via a crafted 1 SMBv...