CVE-2025-0037

The CVE-2025-0037 issue affects AMD Versal Adaptive SoC devices, arising from lack of address validation when PLM runtime services are executed via the PLM firmware. This could allow a remote processor to access isolated or protected memory spaces, compromising confidentiality and integrity (impa...

CVE-2025-0037

In AMD Versal Adaptive SoC devices, the lack of address validation when executing PLM runtime services through the PLM firmware can allow access to isolated or protected memory spaces, resulting in the loss of integrity and confidentiality...

AMD Versal Adaptive SoC 输入验证错误漏洞

AMD Versal Adaptive SoC is a chip from Ultra Micro Semiconductor AMD. The AMD Versal Adaptive SoC suffers from an input validation error vulnerability that stems from a missing address validation, which could result in access to a protected memory space...

Tenda AC10 安全漏洞

The Tenda AC10 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC10 15.03.06.47 and earlier versions, which originates from the failure of the formSetPPTPServer parameters startIp and endIp to properly validate the length of the input data in t...

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect due to improper validation of the multi-option URL in the authentication endpoint when multi-option authentication is enabled. An attacker can redirect users to an attacker-controlled site by crafting a valid link that...

CVE-2024-26015

An incorrect parsing of numbers with different radices vulnerability CWE-1389 in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit a...

CVE-2022-2877

The Titan Anti-spam & Security WordPress plugin before 7.3.1 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers...

CVE-2021-25339

Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory...

CVE-2021-25080

The Contact Form Entries WordPress plugin before 1.1.7 does not validate, sanitise and escape the IP address retrieved via headers such as CLIENT-IP and X-FORWARDED-FOR, allowing unauthenticated attackers to perform Cross-Site Scripting attacks against logged in admins viewing the created entry...

CVE-2021-25411

Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root privileged local attackers to write read-only kernel memory...

CVE-2021-25415

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable...

CVE-2021-25416

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area...

CVE-2019-10618

Driver may access an invalid address while processing IO control due to lack of check of address validation in Snapdragon Connectivity in QCA6390...

CVE-2006-4461

Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the probe settings," which has unknown impact and attack vectors...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dmaengine: Fix double increment of clientcount in dmachanget CVE-2022-49753 In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels CVE-2022-50816 A memory...

CodeAstro Bus Ticket Booking System 安全漏洞

CodeAstro Bus Ticket Booking System is a bus ticket booking system from CodeAstro. A security vulnerability exists in CodeAstro Bus Ticket Booking System v1.0, which stems from insufficient input validation of the Full Name and Address fields in the user registration and user profile functionalit...

CVE-2024-45557

Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation...

CVE-2024-45557 Use of Out-of-range Pointer Offset in Trust Management Engine

Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation...

CVE-2024-45557 Use of Out-of-range Pointer Offset in Trust Management Engine

Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation...

Security update for python3

This update for python3 fixes the following issues: CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...