12 matches found
CVE-2025-34519
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an insecure hashing algorithm vulnerability. The product stores passwords using the MD5 hash function without applying a per‑password salt. Because MD5 is a fast, unsalted hash, an attacker who obtains the password database can...
Linux Distros Unpatched Vulnerability : CVE-2025-0684
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in grub2. When performing a symlink lookup from a reiserfs filesystem, grub's reiserfs fs module uses user-controlled parameters from the...
Linux Distros Unpatched Vulnerability : CVE-2024-53072
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detect when STB is not available Loading the amdpmc module as: amdpmc...
Linux Distros Unpatched Vulnerability : CVE-2021-45098
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Suricata before 6.0.4. It is possible to bypass/evade any HTTP-based signature by faking an RST TCP packet with random TCP options of...
Linux Distros Unpatched Vulnerability : CVE-2024-39473
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension I...
Linux Distros Unpatched Vulnerability : CVE-2024-35837
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM poo...
Linux Distros Unpatched Vulnerability : CVE-2020-11113
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to...
bimcasa.com Cross Site Scripting vulnerability OBB-2138074
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
ColoradoFTP 1.3 Prime Edition (Build 8) Directory Traversal
Advisory Information: Title: Directory Traversal Vulnerability in ColoradoFTP v1.3 Prime Edition Build 8; Date published: n/a; Date of last update: n/a; Vendors contacted: ColoradoFTP author Sergei Abramov; Discovered by: Rv3Laboratory Research Team; Severity: High. 02. Vulnerability Information...
zlib inflate() routine vulnerable to buffer overflow
Overview: A buffer overflow in the zlib compression library may cause any application linked to zlib to improperly and immediately terminate. Description: There is a buffer overflow in the zlib data-compression library caused by a lack of bounds checking in the inflate routine. If an attacker...
VERITAS Backup Exec Remote Agent fails to properly validate authentication requests
Overview: Backup Exec Remote Agent for Windows Servers contains a buffer overflow vulnerability due to incorrect validation of authentication requests. Description: VERITAS Backup Exec is a data backup and recovery solution with support for over-the-network backup. The VERITAS Backup Exec Agent run...
Air Messenger LAN Server (AMLServer) stores usernames and passwords in plaintext
Overview: Air Messenger LAN Server (AMLServer) stores usernames and passwords in plaintext. Description: AMLServer for Windows is a paging gateway that allows users on a TCP/IP LAN to communicate with mobile devices such as phones and pagers. Access to AMLServer's services is protected by a user...