Lucene search
K

120967 matches found

RedhatCVE
RedhatCVE
added 2025/12/17 8:7 a.m.6 views

CVE-2025-14252

An Improper Access Control vulnerability in Advantech SUSI driver susi.sys allows attackers to read/write arbitrary memory, I/O ports, and MSRs, resulting in privilege escalation, arbitrary code execution, and information disclosure. This issue affects Advantech SUSI: 5.0.24335 and prior...

8.5CVSS7.3AI score0.00111EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/12/17 7:48 a.m.4 views

kernel: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()

A vulnerability has been identified in the Linux kernel's Network File System NFS daemon that could allow for a Denial of Service and in worst case scenario Arbitrary Code Execution. This Use-After-Free flaw arises from a race condition when the kernel handles the confirmation of an NFS client...

7.8CVSS5.8AI score0.00163EPSS
Exploits0References5
NVD
NVD
added 2025/12/17 1:15 a.m.4 views

CVE-2025-53524

Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...

8.4CVSS0.00219EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/17 12:19 a.m.6 views

CVE-2025-53524 Fuji Electric Monitouch V-SFT-6 Out-of-bounds Write

Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...

8.4CVSS7.4AI score0.00219EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/17 12:19 a.m.25 views

CVE-2025-53524 Fuji Electric Monitouch V-SFT-6 Out-of-bounds Write

Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...

8.4CVSS0.00219EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/17 12:19 a.m.4 views

EUVD-2025-203858

Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...

8.4CVSS7.2AI score0.00219EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.2 views

Fuji Electric Monitouch V-SFT-6 缓冲区错误漏洞

Fuji Electric Monitouch V-SFT-6 is a screen configuration software from Fuji Electric, Japan. A buffer error vulnerability exists in Fuji Electric Monitouch V-SFT-6, which originates from an out-of-bounds write when processing a specially crafted project file, and could lead to the execution of...

8.4CVSS7AI score0.00219EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/17 12:0 a.m.23 views

CVE-2025-67170

A reflected cross-site scripting XSS vulnerability in RiteCMS v3.1.0 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...

0.00218EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/12/17 12:0 a.m.2 views

CVE-2025-67170

A reflected cross-site scripting XSS vulnerability in RiteCMS v3.1.0 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...

5.9AI score0.00218EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.3 views

Zed 命令注入漏洞

Zed is an open source code editor from Zed Industries. A command injection vulnerability exists in versions prior to Zed 0.218.2-pre that stems from loading a malicious LSP configuration from the settings.json file in the project.zed subdirectory, which could lead to arbitrary code execution...

7.7CVSS8AI score0.0027EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/17 12:0 a.m.3 views

CVE-2025-65855

The OTA firmware update mechanism in Netun Solutions HelpFlash IoT firmware v18178221102ASCIIPRO1R550 uses hard-coded WiFi credentials identical across all devices and does not authenticate update servers or validate firmware signatures. An attacker with brief physical access can activate OTA mod...

7.4AI score0.00085EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.4 views

RiteCMS 安全漏洞

RiteCMS is an open source content management system based on php and sqlite. RiteCMS suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary Web...

6.1CVSS5.9AI score0.00218EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.3 views

Apple多款产品 安全漏洞

Apple iOS and others are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple macOS is a specialized operating system developed for Mac computers. apple iPadOS is an operating system for iPad tablet computers. A security vulnerability exists in multiple Appl...

8.8CVSS7.7AI score0.08439EPSS
Exploits8References8
Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.6 views

PT-2025-51796

Name of the Vulnerable Software and Affected Versions Fuji Electric Monitouch V-SFT-6 affected versions not specified Description The software contains a flaw due to an out-of-bounds write condition when handling a specifically designed project file. Successful exploitation of this issue could...

8.4CVSS7AI score0.00219EPSS
Exploits0References13
Cvelist
Cvelist
added 2025/12/17 12:0 a.m.28 views

CVE-2025-65855

The OTA firmware update mechanism in Netun Solutions HelpFlash IoT firmware v18178221102ASCIIPRO1R550 uses hard-coded WiFi credentials identical across all devices and does not authenticate update servers or validate firmware signatures. An attacker with brief physical access can activate OTA mod...

0.00085EPSS
Exploits0References2
Redos
Redos
added 2025/12/17 12:0 a.m.3 views

ROS-20251217-7323

A vulnerability in the Redis database management system DBMS is related to mismanagement of code generation. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

7.3CVSS7.8AI score0.00701EPSS
Exploits0
CVE
CVE
added 2025/12/17 12:0 a.m.7 views

CVE-2025-65855

The CVE-2025-65855 entry concerns Netun Solutions HelpFlash IoT. The OTA firmware update mechanism (firmware v18_178_221102_ASCII_PRO_1R5_50) uses hard-coded WiFi credentials shared across devices and does not authenticate update servers or validate firmware signatures. An attacker with brief phy...

6.6CVSS7.4AI score0.00085EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.11 views

Netun Solutions HelpFlash IoT 安全漏洞

Netun Solutions HelpFlash IoT is a smart connected vehicle emergency warning light from Netun Solutions, Spain. A security vulnerability exists in Netun Solutions HelpFlash IoT version v18178221102ASCIIPRO1R550, which stems from an OTA firmware update mechanism that uses hard-coded WiFi credentia...

6.6CVSS7AI score0.00085EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/16 11:55 p.m.6 views

CVE-2025-10888

AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS7.6AI score0.0021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/16 11:55 p.m.4 views

CVE-2025-10900

AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS7.6AI score0.0021EPSS
Exploits0References1
Rows per page
Query Builder