14 matches found
EUVD-2025-209746
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: 8822b: Avoid WARNING in rtw8822bconfigtrxmode rtw8822bsetantenna can be called from userspace when the chip is powered off. In that case a WARNING is triggered in rtw8822bconfigtrxmode because trying to read the RF...
CVE-2025-71297
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: 8822b: Avoid WARNING in rtw8822bconfigtrxmode rtw8822bsetantenna can be called from userspace when the chip is powered off. In that case a WARNING is triggered in rtw8822bconfigtrxmode because trying to read the RF...
CVE-2025-71297
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: 8822b: Avoid WARNING in rtw8822bconfigtrxmode rtw8822bsetantenna can be called from userspace when the chip is powered off. In that case a WARNING is triggered in rtw8822bconfigtrxmode because trying to read the RF...
PT-2026-38922
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the rtw88 wireless driver where the rtw8822b set antenna function can be called from userspace while the chip is powered off. This sequence triggers a warning in the...
CVE-2026-1969
The trxaddons WordPress plugin before 2.38.5 does not correctly validate file types in one of its AJAX action, allowing unauthenticated users to upload arbitrary file. This is due to an incorrect fix of CVE-2024-13448...
EUVD-2026-14361
The trxaddons WordPress plugin before 2.38.5 does not correctly validate file types in one of its AJAX action, allowing unauthenticated users to upload arbitrary file. This is due to an incorrect fix of CVE-2024-13448...
PT-2026-27060
Name of the Vulnerable Software and Affected Versions trx addons WordPress plugin versions prior to 2.38.5 Description The software does not properly validate file types during an AJAX action, potentially allowing unauthenticated users to upload arbitrary files. This is related to a previous fix...
CVE-2025-64030
Eximbills Enterprise 4.1.5 (built 2020-10-30) is vulnerable to authenticated stored cross-site scripting (CWE-79) via the /EximBillWeb/servlets/WSTrxManager endpoint. Unsanitized input in the TMPL_INFO parameter is stored server-side and rendered to other users, enabling arbitrary JavaScript exec...
XML External Entity (XXE) Injection
Overview Affected versions of this package are vulnerable to XML External Entity XXE Injection due to the DocumentBuilderFactory used in the XunitXmlPlugin.java file, which is used without disabling DTDs or external entities.. An attacker can access arbitrary files on the file system or initiate...
PT-2025-4001 · WordPress · Themerex Addons
Name of the Vulnerable Software and Affected Versions: ThemeREX Addons plugin for WordPress versions up to and including 2.33.0 Description: The issue arises from the trx sc reviews shortcode type attribute, allowing authenticated attackers with contributor-level or higher permissions to include...
trx-training.de Improper Access Control vulnerability OBB-3772835
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Stack Buffer Overflow Vulnerability in OsmoCOM Osmo-TRX/Osmo-BTS
Osmocom is a series of projects on open source mobile communications, including software tools for GSM, DECT, TETRA and other mobile communication standards. A stack buffer overflow vulnerability exists in OsmoCOM Osmo-TRX/Osmo-BTS. An attacker could exploit the vulnerability by sending an...
Authentication Vulnerability in OsmoCOM Osmo-TRX/Osmo-BTS
Osmocom is a series of projects on open source mobile communications, including software tools for GSM, DECT, TETRA and other mobile communication standards. An authentication vulnerability exists in OsmoCOM Osmo-TRX/Osmo-BTS. An unauthenticated, remote attacker could exploit the vulnerability to...
TRX - External URLs, Native code usage, SD-card access vulnerabilities
HackApp vulnerability scanner discovered that application TRX published at the 'play' market has multiple vulnerabilities...