117 matches found
CVE-2026-40851
Technical details are not publicly available in the provided documents. Monitor for updates from NVD, CVE List, CIRCL, and CVELIST for any affected products, root cause, and fixes.
CVE-2021-27942
Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs allow a threat actor to execute arbitrary code from a USB drive via the Smart Cast functionality, because files on the USB drive are effectively under the web root and can be executed...
Windows File Shredder: When deleting a file isn’t enough
Most of us think deleting a file means it’s gone for good. But “delete” on a Windows device often just means “out of sight,” not necessarily “out of reach.” That’s where File Shredder, a new feature within Malwarebytes Tools for Windows, comes in. File Shredder lets you securely delete files from...
CVE-2026-25603 Path Traversal vulnerability in Linksys MR9600, Linksys MX4200
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Linksys MR9600, Linksys MX4200 allows that contents of a USB drive partition can be mounted in an arbitrary location of the file system. This may result in the execution of shell scripts in the context o...
CVE-2026-25603
The CVE-2026-25603 issue is a path traversal vulnerability in Linksys MR9600 and MX4200. Affected products and versions are MR9600 1.0.4.205530 and MX4200 1.0.13.210200. The underlying flaw is improper limitation of a pathname to a restricted directory, allowing contents of a USB drive partition ...
CVE-2025-69429
The ORICO NAS CD3510 version V1.9.12 and below contains an Incorrect Symlink Follow vulnerability that could be exploited by attackers to leak or tamper with the internal file system. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the...
EUVD-2025-206720
An Incorrect Symlink Follow vulnerability exists in multiple Yottamaster NAS devices, including DM2 version equal to or prior to V1.9.12, DM3 version equal to or prior to V1.9.12, and DM200 version equal to or prior to V1.2.23 that could be exploited by attackers to leak or tamper with the intern...
CVE-2025-69430
An Incorrect Symlink Follow vulnerability exists in multiple Yottamaster NAS devices, including DM2 version equal to or prior to V1.9.12, DM3 version equal to or prior to V1.9.12, and DM200 version equal to or prior to V1.2.23 that could be exploited by attackers to leak or tamper with the intern...
EUVD-2025-206719
The ZSPACE Q2C NAS contains a vulnerability related to incorrect symbolic link following. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the NAS device's slot, and then access the USB drive's directory mounted on the NAS using the Sam...
CVE-2025-69430
An Incorrect Symlink Follow vulnerability exists in multiple Yottamaster NAS devices, including DM2 version equal to or prior to V1.9.12, DM3 version equal to or prior to V1.9.12, and DM200 version equal to or prior to V1.2.23 that could be exploited by attackers to leak or tamper with the intern...
CVE-2025-69431
The ZSPACE Q2C NAS contains a vulnerability related to incorrect symbolic link following. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the NAS device's slot, and then access the USB drive's directory mounted on the NAS using the Sam...
CVE-2025-69429
The ORICO NAS CD3510 version V1.9.12 and below contains an Incorrect Symlink Follow vulnerability that could be exploited by attackers to leak or tamper with the internal file system. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the...
CVE-2025-69429
Affected product: ORICO NAS CD3510 (versions V1.9.12 and below). Vulnerability: Incorrect Symlink Follow that lets an attacker format a USB drive (ext4), create a symbolic link to the drive’s root, insert it into the NAS, and access the symlink directory mounted on the NAS to leak or tamper with ...
EUVD-2025-206721
The ORICO NAS CD3510 version V1.9.12 and below contains an Incorrect Symlink Follow vulnerability that could be exploited by attackers to leak or tamper with the internal file system. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the...
CVE-2025-59392
On Elspec G5 devices through 1.2.2.19, a person with physical access to the device can reset the Admin password by inserting a USB drive containing a publicly documented reset string into a USB port...
EUVD-2020-26954
Malware in sbrugna...
EUVD-2021-14660
Malware in sbrugna...
EUVD-2017-5697
Malware in sbrugna...
EUVD-2007-0731
Malware in sbrugna...
EUVD-2020-26952
Malware in sbrugna...