| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Airbyte is a data integration platform for ELT pipelines. Airbyte connection builder docker image is vulnerable to RCE via SSTI which allows an authenticated remote attacker to execute arbitrary code on the server as the web server user. The connection builder is used to create and test new connectors. Sensitive information, such as credentials, could be exposed if a user tested a new connector on a compromised instance. The connection builder does not have access to any data processes. This vulnerability is fixed in 0.62.2. |
| A vulnerability has been identified in the GRUB (Grand Unified Bootloader) component. This flaw occurs because the bootloader mishandles string conversion when reading information from a USB device, allowing an attacker to exploit inconsistent length values. A local attacker can connect a maliciously configured USB device during the boot sequence to trigger this issue. A successful exploitation may lead GRUB to crash, leading to a Denial of Service. Data corruption may be also possible, although given the complexity of the exploit the impact is most likely limited. |
| A vulnerability has been identified in IEC 1Ph 7.4kW Child socket (8EM1310-2EH04-0GA0) (All versions), IEC 1Ph 7.4kW Child socket/ shutter (8EM1310-2EN04-0GA0) (All versions), IEC 1Ph 7.4kW Parent cable 7m (8EM1310-2EJ04-3GA1) (All versions), IEC 1Ph 7.4kW Parent cable 7m incl. SIM (8EM1310-2EJ04-3GA2) (All versions), IEC 1Ph 7.4kW Parent socket (8EM1310-2EH04-3GA1) (All versions), IEC 1Ph 7.4kW Parent socket incl. SIM (8EM1310-2EH04-3GA2) (All versions), IEC 1Ph 7.4kW Parent socket/ shutter (8EM1310-2EN04-3GA1) (All versions), IEC 1Ph 7.4kW Parent socket/ shutter SIM (8EM1310-2EN04-3GA2) (All versions), IEC 3Ph 22kW Child cable 7m (8EM1310-3EJ04-0GA0) (All versions), IEC 3Ph 22kW Child socket (8EM1310-3EH04-0GA0) (All versions), IEC 3Ph 22kW Child socket/ shutter (8EM1310-3EN04-0GA0) (All versions), IEC 3Ph 22kW Parent cable 7m (8EM1310-3EJ04-3GA1) (All versions), IEC 3Ph 22kW Parent cable 7m incl. SIM (8EM1310-3EJ04-3GA2) (All versions), IEC 3Ph 22kW Parent socket (8EM1310-3EH04-3GA1) (All versions), IEC 3Ph 22kW Parent socket incl. SIM (8EM1310-3EH04-3GA2) (All versions), IEC 3Ph 22kW Parent socket/ shutter (8EM1310-3EN04-3GA1) (All versions), IEC 3Ph 22kW Parent socket/ shutter SIM (8EM1310-3EN04-3GA2) (All versions), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA0) (All versions), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA1) (All versions), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA2) (All versions), IEC ERK 3Ph 22 kW Child socket (8EM1310-3FH04-0GA0) (All versions), IEC ERK 3Ph 22 kW Parent socket (8EM1310-3FH04-3GA1) (All versions), IEC ERK 3Ph 22 kW Parent socket incl. SI (8EM1310-3FH04-3GA2) (All versions), UL Commercial Cellular 48A NTEP (8EM1310-5HF14-1GA2) (All versions), UL Commercial Child 40A w/ 15118 HW (8EM1310-4CF14-0GA0) (All versions), UL Commercial Child 48A BA Compliant (8EM1315-5CG14-0GA0) (All versions), UL Commercial Child 48A w/ 15118 HW (8EM1310-5CF14-0GA0) (All versions), UL Commercial Parent 40A with Simcard (8EM1310-4CF14-1GA2) (All versions), UL Commercial Parent 48A (USPS) (8EM1317-5CG14-1GA2) (All versions), UL Commercial Parent 48A BA Compliant (8EM1315-5CG14-1GA2) (All versions), UL Commercial Parent 48A with Simcard BA (8EM1310-5CF14-1GA2) (All versions), UL Commercial Parent 48A, 15118, 25ft (8EM1310-5CG14-1GA1) (All versions), UL Commercial Parent 48A, 15118, 25ft (8EM1314-5CG14-2FA2) (All versions), UL Commercial Parent 48A, 15118, 25ft (8EM1315-5HG14-1GA2) (All versions), UL Commercial Parent 48A,15118 25ft Sim (8EM1310-5CG14-1GA2) (All versions), UL Resi High End 40A w/15118 Hw (8EM1312-4CF18-0FA3) (All versions), UL Resi High End 48A w/15118 Hw (8EM1312-5CF18-0FA3) (All versions), VersiCharge Blue™ 80A AC Cellular (8EM1315-7BG16-1FH2) (All versions). Affected devices do not contain an Immutable Root of Trust in M0 Hardware. An attacker with physical access to the device could use this to execute arbitrary code. |
| A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of confidentiality and integrity of the system. |
| Use of Default Cryptographic Key vulnerability in Baxter Welch Allyn Connex Spot Monitor may allow Configuration/Environment Manipulation.This issue affects Welch Allyn Connex Spot Monitor in all versions prior to 1.52. |
| ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., "^(a|a)*$") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation. This issue is also fixed in version 6.14.0. |
| A vulnerability classified as problematic was found in SAFECAM X300 up to 20250611. This vulnerability affects unknown code of the component FTP Service. The manipulation leads to use of default credentials. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. |
| Knwl.js is a Javascript library that parses through text for dates, times, phone numbers, emails, places, and more. Versions 1.0.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available. |
| HTML2Markdown is a Javascript implementation for converting HTML to Markdown text. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available. |
| An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-II_G_V1.00.011, allows remote attackers to escalate privileges and bypass authentication via incorrect access control in the web management portal. |
| Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials.
Affected products:
ABB ASPECT - Enterprise v3.07.02;
NEXUS Series v3.07.02;
MATRIX Series v3.07.02 |
| A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths. |
| HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network-adjacent unauthenticated attacker may connect to the product via SSH and use a shell. |
| Deck Mate 2 lacks a verified secure-boot chain and runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an attacker with physical access can modify or replace the bootloader, kernel, or filesystem and gain persistent code execution on reboot. This weakness allows long-term firmware tampering that survives power cycles. The vendor indicates that more recent firmware updates strengthen update-chain integrity and disable physical update ports to mitigate related attack avenues. |
| Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to run arbitrary code that persists across reboots. Because this design predates modern secure-boot or signed-update mechanisms, affected systems should be physically protected or retired from service. The vendor has not indicated that firmware updates are available for this legacy model. |
| tRPC allows users to build and consume fully typesafe APIs without schemas or code generation. Starting in version 10.27.0 and prior to versions 10.45.3 and 11.8.0, a A prototype pollution vulnerability exists in `@trpc/server`'s `formDataToObject` function, which is used by the Next.js App Router adapter. An attacker can pollute `Object.prototype` by submitting specially crafted FormData field names, potentially leading to authorization bypass, denial of service, or other security impacts. Note that this vulnerability is only present when using `experimental_caller` / `experimental_nextAppDirCaller`. Versions 10.45.3 and 11.8.0 fix the issue. |
| Versions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollution due to improper user input sanitization passed to fields and tables when using nestTables. |
| On multiple products of SEIKO EPSON and FUJIFILM Corporation, the initial administrator password is easy to guess from the information available via SNMP. If the administrator password is not changed from the initial one, a remote attacker with SNMP access can log in to the product with the administrator privilege. |
| Versions of the package web3-utils before 4.2.1 are vulnerable to Prototype Pollution via the utility functions format and mergeDeep, due to insecure recursive merge.
An attacker can manipulate an object's prototype, potentially leading to the alteration of the behavior of all objects inheriting from the affected prototype by passing specially crafted input to these functions. |
| A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies. |
