CVE-2025-0040

Improper access control between the Joint Test Action Group JTAG and Advanced Extensible Interface AXI could allow an attacker with physical access to read or overwrite the contents of cross-chip debug XCD registers potentially resulting in loss of data integrity or confidentiality...

EUVD-2025-209873

Improper access control between the Joint Test Action Group JTAG and Advanced Extensible Interface AXI could allow an attacker with physical access to read or overwrite the contents of cross-chip debug XCD registers potentially resulting in loss of data integrity or confidentiality...

CVE-2025-0040

CVE-2025-0040 describes an improper access control between JTAG and AXI that could let an attacker with physical access read or overwrite cross-chip debug (XCD) registers, potentially affecting data integrity and confidentiality. The vulnerability affects the AMD ecosystem context referenced in A...

SUSE CVE-2026-43477

In the Linux kernel, the following vulnerability has been resolved: drm/i915/vrr: Configure VRR timings after enabling TRANSDDIFUNCCTL Apparently ICL may hang with an MCE if we write TRANSVRRVMAX/FLIPLINE before enabling TRANSDDIFUNCCTL. Personally I was only able to reproduce a hang on an Dell X...

CVE-2026-44380

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, an improper access control vulnerability in the authentication key reset functionality allowed an authenticated organization administrator to reset authentication keys belonging to site administrator accounts within...

Google Cloud Application Integration 安全漏洞

Google Cloud Application Integration is a cloud-based integration platform offered by Google Inc., which supports cross-applicational connections, process orchestration, and API integration. Versions of Google Cloud Application Integration prior to version 2026-01-23 contained security...

PT-2026-41245

Improper access control between the Joint Test Action Group JTAG and Advanced Extensible Interface AXI could allow an attacker with physical access to read or overwrite the contents of cross-chip debug XCD registers potentially resulting in loss of data integrity or confidentiality...

Tabby 安全漏洞

Tabby Terminus is a highly configurable terminal emulator, SSH, and serial client developed by Eugene’s individual developers. Versions of Tabby Terminus prior to version 1.0.233 contain security vulnerabilities. These vulnerabilities stem from the lack of escaping control characters when draggin...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system developed by Huawei Technologies Co., Ltd. It is a full-scenario distributed operating system based on a microkernel architecture. There is a security vulnerability in HUAWEI HarmonyOS, which stems from issues with the permission control of the...

PT-2026-41281

Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability...

PT-2026-41290

Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

Huawei HarmonyOS 权限许可和访问控制问题漏洞

Huawei HarmonyOS is an operating system developed by Chinese company Huawei. It is a full-scenario distributed operating system based on a microkernel architecture. Huawei HarmonyOS has vulnerabilities related to permission management and access control. These vulnerabilities stem from issues wit...

PT-2026-41302

Name of the Vulnerable Software and Affected Versions vorbis-tools version 1.4.3 Description A stack buffer underflow exists in the ogg123 utility within the remotethread function located in remote.c. This issue occurs during the processing of malformed input via the remote control functionality,...

ROS-20260515-73-0053

A vulnerability in the Google Chrome browser is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to bypass navigation restrictions using a specially crafted HTML page...

ROS-20260515-73-0026

A vulnerability in the WebAssembly module wasm of Google Chrome and Microsoft Edge browsers is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

Microsoft Azure Monitor Agent < 1.14.0 Elevation of Privilege (CVE-2026-32204)

The version of Microsoft Azure Monitor Agent installed on the remote host is prior to 1.14.0. It is, therefore, affected by an elevation of privilege vulnerability: - External control of file name or path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally. An...

Linux Distros Unpatched Vulnerability : CVE-2026-43490

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE...

Medical Management System 访问控制错误漏洞

Medical Management System is a pharmacy management system developed by zhuozou. There is an access control vulnerability in Medical Management System, which stems from insecure permission settings, potentially allowing any user to reset their password...

PT-2026-41283

Permission control vulnerability in the app management and control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

GitHub CLI 安全漏洞

GitHub CLI is an open-source command-line interface for GitHub. Versions of GitHub CLI from 1.6.0 to 2.92.0 contained a security vulnerability. This vulnerability stemmed from the lack of cleaning terminal control sequences when processing GitHub Actions workflow logs. It could allow attackers to...