120967 matches found
CVE-2025-14252
An Improper Access Control vulnerability in Advantech SUSI driver susi.sys allows attackers to read/write arbitrary memory, I/O ports, and MSRs, resulting in privilege escalation, arbitrary code execution, and information disclosure. This issue affects Advantech SUSI: 5.0.24335 and prior...
kernel: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()
A vulnerability has been identified in the Linux kernel's Network File System NFS daemon that could allow for a Denial of Service and in worst case scenario Arbitrary Code Execution. This Use-After-Free flaw arises from a race condition when the kernel handles the confirmation of an NFS client...
CVE-2025-53524
Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...
CVE-2025-53524 Fuji Electric Monitouch V-SFT-6 Out-of-bounds Write
Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...
CVE-2025-53524 Fuji Electric Monitouch V-SFT-6 Out-of-bounds Write
Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...
EUVD-2025-203858
Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...
Fuji Electric Monitouch V-SFT-6 缓冲区错误漏洞
Fuji Electric Monitouch V-SFT-6 is a screen configuration software from Fuji Electric, Japan. A buffer error vulnerability exists in Fuji Electric Monitouch V-SFT-6, which originates from an out-of-bounds write when processing a specially crafted project file, and could lead to the execution of...
CVE-2025-67170
A reflected cross-site scripting XSS vulnerability in RiteCMS v3.1.0 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...
CVE-2025-67170
A reflected cross-site scripting XSS vulnerability in RiteCMS v3.1.0 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...
Zed 命令注入漏洞
Zed is an open source code editor from Zed Industries. A command injection vulnerability exists in versions prior to Zed 0.218.2-pre that stems from loading a malicious LSP configuration from the settings.json file in the project.zed subdirectory, which could lead to arbitrary code execution...
CVE-2025-65855
The OTA firmware update mechanism in Netun Solutions HelpFlash IoT firmware v18178221102ASCIIPRO1R550 uses hard-coded WiFi credentials identical across all devices and does not authenticate update servers or validate firmware signatures. An attacker with brief physical access can activate OTA mod...
RiteCMS 安全漏洞
RiteCMS is an open source content management system based on php and sqlite. RiteCMS suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary Web...
Apple多款产品 安全漏洞
Apple iOS and others are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple macOS is a specialized operating system developed for Mac computers. apple iPadOS is an operating system for iPad tablet computers. A security vulnerability exists in multiple Appl...
PT-2025-51796
Name of the Vulnerable Software and Affected Versions Fuji Electric Monitouch V-SFT-6 affected versions not specified Description The software contains a flaw due to an out-of-bounds write condition when handling a specifically designed project file. Successful exploitation of this issue could...
CVE-2025-65855
The OTA firmware update mechanism in Netun Solutions HelpFlash IoT firmware v18178221102ASCIIPRO1R550 uses hard-coded WiFi credentials identical across all devices and does not authenticate update servers or validate firmware signatures. An attacker with brief physical access can activate OTA mod...
ROS-20251217-7323
A vulnerability in the Redis database management system DBMS is related to mismanagement of code generation. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
CVE-2025-65855
The CVE-2025-65855 entry concerns Netun Solutions HelpFlash IoT. The OTA firmware update mechanism (firmware v18_178_221102_ASCII_PRO_1R5_50) uses hard-coded WiFi credentials shared across devices and does not authenticate update servers or validate firmware signatures. An attacker with brief phy...
Netun Solutions HelpFlash IoT 安全漏洞
Netun Solutions HelpFlash IoT is a smart connected vehicle emergency warning light from Netun Solutions, Spain. A security vulnerability exists in Netun Solutions HelpFlash IoT version v18178221102ASCIIPRO1R550, which stems from an OTA firmware update mechanism that uses hard-coded WiFi credentia...
CVE-2025-10888
AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...
CVE-2025-10900
AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...