CVE-2026-40223

A flaw was found in systemd, a core component of Linux operating systems. A local user, without special privileges, can exploit this vulnerability. By manipulating a specific systemd unit configuration where delegation is enabled and the user is not set, the user can trigger an internal error,...

CVE-2025-68764 NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags

In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag...

EUVD-2014-2562

Malware in sbrugna...

CVE-2025-3978

A vulnerability was found in dazhouda lecms 3.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin/view/default/userset.htm. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclos...

Siemens LOGO! V8.3 BM Devices Plaintext Storage of a Password (CVE-2024-39922)

LOGO! V8.3 BM incl. SIPLUS variants devices contain a plaintext storage of a password vulnerability. This could allow an attacker with phyiscal access to an affected device to extract user-set passwords from an embedded storage IC. Siemens has released new hardware versions with the LOGO! V8.4 BM...

Siemens LOGO! V8.3 BM Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Buffer overflow

Buffer overflow can occur in display function due to lack of validation of header block size set by user. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909...

eQ-3 AG HomeMatic CCU2 Arbitrary File Write Vulnerability

The eQ-3 AG Homematic CCU2 is a central control unit for controlling smart home devices from eQ-3 Germany. A directory traversal vulnerability exists in User.setLanguage in eQ-3 AG Homematic CCU2 version 2.29.2 and earlier. A remote attacker can exploit this vulnerability to write arbitrary files...

CVE-2018-7300

Directory Traversal / Arbitrary File Write / Remote Code Execution in the User.setLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to write arbitrary files to the device's filesystem. This vulnerability can be exploited by unauthenticated attackers with access ...

ShopsN v3.0 SQL Injection Vulnerability in Frontend UserSetController.class.php File

ShopsN is a free e-commerce open source system. ShopsN v3.0 front-end UserSetController.class.php file has a SQL injection vulnerability . As the system fails to effectively filter the addressajax function. A remote attacker can exploit the vulnerability to obtain sensitive database information...

Rooted SSH/SFTP Daemon Default Login Credentials

Rooted SSH/SFTP Daemon installs with static default root credentials and does not prompt the user to change them. Title: Rooted SSH/SFTP Daemon Default Login Credentials Author: Larry W. Cashdollar, @larry0 OSVDB-ID: 110742 Date: 9/2/2014 Download:...