10 matches found
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure in the frontend build process when it exits with a non-zero status. An attacker can obtain sensitive environment variables, including credentials, by reviewing build logs or archived build artifacts generated during...
CVE-2026-7860
A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...
OpenWRT < 24.10.4 Multiple Vulnerabilities
OpenWRT is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openwrt:openwrt"; ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2025-62525
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, local users could read and write arbitrary kernel memory using...
UBUNTU-CVE-2025-62526
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, ubusd contains a heap buffer overflow in the event registration parsing code. This allows an attacker to modify the head and potentially execute arbitrary code in the context of the ubus daemon. The...
CVE-2025-62526 OpenWrt ubusd vulnerable to heap buffer overflow
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, ubusd contains a heap buffer overflow in the event registration parsing code. This allows an attacker to modify the head and potentially execute arbitrary code in the context of the ubus daemon. The...
EUVD-2025-35591
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, ubusd contains a heap buffer overflow in the event registration parsing code. This allows an attacker to modify the head and potentially execute arbitrary code in the context of the ubus daemon. The...
CVE-2025-62526
OpenWrt ubusd (component of OpenWrt OS) is affected in versions prior to 24.10.4 by a heap buffer overflow in the event registration parsing code. Exploitation can modify the heap and potentially execute arbitrary code in the ubus daemon process, with actions occurring before ACL checks and enabl...
EUVD-2025-35592
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, local users could read and write arbitrary kernel memory using the ioctls of the ltq-ptm driver which is used to drive the datapath of the DSL line. This only effects the lantiq target supporting...
OpenWrt 安全漏洞
OpenWrt is the OpenWrt open source set of Linux operating systems for embedded devices. A security vulnerability exists in versions prior to OpenWrt 24.10.4 that stems from a heap buffer overflow in the event registration parsing code, which could lead to the execution of arbitrary code and bypas...