CVE-2025-14749

A vulnerability was identified in Ningyuanda TC155 57.0.2.0. This impacts an unknown function of the file /onvif/deviceservice of the component ONVIF PTZ Control Interface. The manipulation leads to improper access controls. The attack requires being on the local network. The exploit is publicly...

EUVD-2025-203739

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list "struct sdcacontrol" declares "values" field as integer array. But the memory allocated to it is of char array. This causes crash for sdcaparsefunction API. This patch...

CVE-2025-14749

CVE-2025-14749 affects Ningyuanda TC155, version 57.0.2.0, specifically the ONVIF PTZ Control Interface component via the file /onvif/device_service. Root cause: improper access controls leading to unauthorized access. Attack requires local network access; exploit is publicly available. Implicati...

CVE-2021-47719

COMMAX WebViewer ActiveX Control 2.1.4.5 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit boundary errors in CommaxWebViewer.ocx to cause buffer overflow condition...

SUSE CVE-2025-40335

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate userq input args This will help on validating the userq input args, and rejecting for the invalid userq request at the IOCTLs first place...

EUVD-2025-201233

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Account for failed debug initialization When the SCMI debug subsystem fails to initialize, the related debug root will be missing, and the underlying descriptor will be NULL. Handle this fault condition in the...

PT-2025-49061

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the alienware-wmi-wmax driver. Specifically, a NULL pointer dereference can occur in sleep handlers on devices that do not have the Alienware...

ROS-20251128-06

A vulnerability in the adevrelease function in the drivers/peci/cpu.c module of the Platform Environment Control driver Interface PECI module of the Linux kernel is related to the reuse of previously released memory. memory. Exploitation of the vulnerability could allow an attacker to impact the...

CVE-2025-59373

A local privilege escalation vulnerability exists in the restore mechanism of ASUS System Control Interface. It can be triggered when an unprivileged actor copies files without proper validation into protected system paths, potentially leading to arbitrary files being executed as SYSTEM. For more...

CVE-2025-59373

A local privilege escalation vulnerability exists in the restore mechanism of ASUS System Control Interface. It can be triggered when an unprivileged actor copies files without proper validation into protected system paths, potentially leading to arbitrary files being executed as SYSTEM. For more...

EUVD-2025-199530

A local privilege escalation vulnerability exists in the restore mechanism of ASUS System Control Interface. It can be triggered when an unprivileged actor copies files without proper validation into protected system paths, potentially leading to arbitrary files being executed as SYSTEM. For more...

GHSA-VGQ7-9R5R-J9V3 Free5GC is vulnerable to DoS through its Npcf_BDTPolicyControl POST API

An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via crafted POST request to the NpcfBDTPolicyControl API...

PT-2025-47980

ASUS System Control Interface and Affected Versions ASUS System Control Interface affected versions not specified Description A local privilege escalation issue exists in the restore mechanism of the ASUS System Control Interface. An unprivileged actor can copy files without proper validation int...

CVE-2025-60632

Free5GC Fix for CVE-2025-60632: A DoS via crafted POST to Npcf_BDTPolicyControl API affects Free5GC v4.0.0/v4.0.1. The SNYK notes indicate improper handling in Npcf_BDTPolicyControl leading to availability impact. Remediation guidance from the connected SNYK reports recommends upgrading the affec...

CVE-2025-63560

An issue in KiloView Dual Channel 4k HDMI & 3G-SDI HEVC Video Encoder Firmware v.1.20.0006 allows a remote attacker to cause a denial of service via the systemctrl API System/reFactory component...

CVE-2025-61156

Incorrect access control in the kernel driver of ThreatFire System Monitor v4.7.0.53 allows attackers to escalate privileges and execute arbitrary commands via an insecure IOCTL...

PT-2025-49053

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the SCMI debug subsystem. If the subsystem fails to initialize, the debug root may be missing, leading to a NULL descriptor. This condition is not...

EUVD-2021-19371

Malware in sbrugna...

EUVD-2014-3452

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986974)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986974 advisory. In the Linux kernel, the following vulnerability has been resolved: media: s5pcec: limit msg.len to CECMAXMSGSIZE I expect that the hardware will have limited this t...