OpenClaw Security Vulnerability
OpenClaw is an open-source artificial intelligence assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.11 contained security vulnerabilities. These vulnerabilities were due to approval integrity issues. When precise file binding was not possible, attackers could modify scripts...
CVE-2023-45616
There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerabilit...
CVE-2025-61806
Substance3D - Stager versions 3.1.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current...
PT-2025-41313
Name of the Vulnerable Software and Affected Versions: Web Developer for Chrome versions prior to 0.5.0. Description: The Web Developer for Chrome extension contained malicious code that generated a domain using a domain generation algorithm (DGA) and retrieved a remote script. This script loaded...
EUVD-2018-4126
Malware in sbrugna...
EUVD-2002-1996
Malware in sbrugna...
EUVD-2003-0887
Malware in sbrugna...
EUVD-2019-16745
Malware in sbrugna...
EUVD-2010-4072
Malware in sbrugna...
EUVD-2002-1614
Malware in sbrugna...
EUVD-2025-24606
Malicious code in bioql PyPI...
CVE-2025-54187
CVE-2025-54187 applies to Substance3D Painter versions up to 11.0.2, which are affected by an out-of-bounds write vulnerability that could allow arbitrary code execution under the current user. Exploitation requires user interaction: a victim must open a malicious file. Affected vendors list Adob...
CVE-2025-33092
IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a stack-based buffer overflow in db2fm, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system...
CVE-2025-33112
IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to improper neutralization of pathname input...
CVE-2025-42993
Summary: CVE-2025-42993 affects SAP S/4HANA (Enterprise Event Enablement). A missing authorization check allows an attacker with access to Inbound Binding Configuration to create an RFC destination and assign a high-privilege user, enabling code execution under that user’s privileges. Impact is l...
CVE-2025-0161
IBM Security Verify Access Appliance (Affecting 10.0.0.0–10.0.9.0 and 11.0.0.0) is vulnerable to local code execution due to improper restrictions on code generation (CWE-94). The IBM Security Bulletin details that a local user could exploit this to execute arbitrary code. Remediation is to upgra...
Vulnerabilities fixed in Wind River Linux
Vulnerabilities have been fixed in Wind River Linux. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Denial-of-Service (DoS), circumvention of security measures, remote code execution, administrator/root rights, Remote...
Linux kernel use-after-free vulnerability (CNVD-2021-14804)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A kernel stack use-after-free vulnerability exists in PI futex in Linux kernel 5.10.11 and earlier versions duri...
WebExec - (Authenticated) User Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Windows XP systems that are not part of a domain default to treating all network logons as if they were Guest. This prevents SMB relay attacks from gaining administrativ...
Default Password 'meinsm' for 'Administrator' Account
The account 'Administrator' on the remote host has the default password 'meinsm'. A remote attacker can exploit this issue to gain administrative access to the affected system. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. account = "Administrator"; password = "meinsm";...