98 matches found
CVE-2026-28778
International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver contains undocumented, hardcoded/insecure credentials for the xd user account. A remote unauthenticated attacker can log in via FTP using these credentials. Because the xd user has write permissions to their home...
CVE-2026-29123 Multiple SUID Root Binaries in `xd` User Home Directory Leading to Potential Local Privilege Escalation
A SUID root-owned binary in /home/xd/terminal/XDTerminal in International Data Casting IDC SFX2100 on Linux allows a local actor to potentially preform local privilege escalation depending on conditions of the system via execution of the affected SUID binary. This can be via PATH hijacking, symli...
CVE-2026-29123
CVE-2026-29123 affects a SUID root-owned binary at /home/xd/terminal/XDTerminal in International Data Casting (IDC) SFX2100 on Linux. The issue enables local privilege escalation through execution of the affected SUID binary, with attack methods including PATH hijacking, symlink abuse, or shared ...
PT-2026-23100
Name of the Vulnerable Software and Affected Versions International Data Casting IDC SFX2100 affected versions not specified Description A SUID root-owned binary located in /home/xd/terminal/XDTerminal allows a local actor to potentially perform local privilege escalation depending on system...
EUVD-2026-9373
International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver contains undocumented, hardcoded/insecure credentials for the xd user account. A remote unauthenticated attacker can log in via FTP using these credentials. Because the xd user has write permissions to their home...
CVE-2026-28778
International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver contains undocumented, hardcoded/insecure credentials for the xd user account. A remote unauthenticated attacker can log in via FTP using these credentials. Because the xd user has write permissions to their home...
CVE-2026-28778
International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver contains undocumented, hardcoded/insecure credentials for the xd user account. A remote unauthenticated attacker can log in via FTP using these credentials. Because the xd user has write permissions to their home...
CVE-2026-28778
IDC SFX Series SuperFlex Satellite Receiver (IDC SFX2100) exposes undocumented hardcoded credentials for the xd user, enabling remote FTP access. The xd user’s home directory contains root‑executed binaries and related symlinks (e.g., xdstartstop); an unauthenticated attacker could overwrite file...
CVE-2026-28778 Hardcoded FTP Credentials and LPE(via Insecure Permissions) for `xd` Local Account on IDC SFX2100
International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver contains undocumented, hardcoded/insecure credentials for the xd user account. A remote unauthenticated attacker can log in via FTP using these credentials. Because the xd user has write permissions to their home...
CVE-2026-28778 Hardcoded FTP Credentials and LPE(via Insecure Permissions) for `xd` Local Account on IDC SFX2100
International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver contains undocumented, hardcoded/insecure credentials for the xd user account. A remote unauthenticated attacker can log in via FTP using these credentials. Because the xd user has write permissions to their home...
PT-2026-22881
Name of the Vulnerable Software and Affected Versions International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver affected versions not specified Description The IDC SFX Series SuperFlex Satellite Receiver is affected by hardcoded, insecure credentials for the xd user accoun...
CLSA-2026-1771078945 kernel: Fix of 131 CVEs
net/ieee802154: don't warn zero-sized rawsendmsg CVE-2022-50706 - scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow CVE-2023-53676 - ALSA: usb-audio: Fix potential overflow of PCM transfer buffer CVE-2025-40269 - ipv6: reject malicious packets in ipv6gsosegment CVE-2025-38572 -...
CVE-2019-7105
Adobe XD versions 16.0 and earlier have a path traversal vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2019-7106
Adobe XD versions 16.0 and earlier have a path traversal vulnerability. Successful exploitation could lead to arbitrary code execution...
EUVD-2019-0309
Malware in sbrugna...
EUVD-2019-19106
Malware in sbrugna...
MAL-2025-39600 Malicious code in xd-test-gallery (npm)
The package xd-test-gallery was found to contain malicious code...
Malicious code in xd-test-gallery (npm)
The package xd-test-gallery was found to contain malicious code...
XINJE XD
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low attack complexity/public exploits are available Vendor: XINJE Equipment: XINJE XD Programing Tool Vulnerabilities: Relative Path Traversal, Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...
Malicious code in mobx-model-xd (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd03fd58f7b83df1b36fd97189d6768e243699870898f9f1ea1dad8f0bb3383d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...