115 matches found
CVE-2025-47366
Technical details for CVE-2025-47366 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.
CVE-2025-47366 Exposed Dangerous Method or Function in HLOS
Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input...
CVE-2025-47366 Exposed Dangerous Method or Function in HLOS
Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input...
Security Bulletin: IBM watsonx Orchestrate Developer Edition is vulnerable to Exposed Dangerous Method or Function, Origin Validation Error due to webpack-dev-server
Summary webpack-dev-server is used by IBM watsonx Orchestrate Developer Edition as part of wxo-chat Vulnerability Details CVEID:CVE-2025-30359 DESCRIPTION: webpack-dev-server allows users to use webpack with a development server that provides live reloading. Prior to version 5.2.1,...
Exposed Dangerous Method or Function
Overview Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the sse or streaming transport modes. An attacker can gain unauthorized access to internal resources by tricking a victim into visiting a malicious website or serving a malicious advertisement...
Exposed Dangerous Method or Function
Overview Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the sse or streaming transport modes. An attacker can gain unauthorized access to internal resources by tricking a victim into visiting a malicious website or serving a malicious advertisement...
Arista NG Firewall replace_marker Exposed Dangerous Function Authentication Bypass Vulnerability
This vulnerability allows remote attackers to to bypass authentication on affected installations of Arista NG Firewall. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handler.p...
CVE-2025-47353 Exposed Dangerous Method or Function in Automotive Software platform based on QNX
Memory corruption while processing request sent from GVM...
CVE-2025-47353
Summary: CVE-2025-47353 describes a memory corruption issue in an Automotive Software platform based on QNX used by Qualcomm, triggered by processing requests sent from GVM. The CVSS 3.1 base score is 7.8 (High) with local attack vector, low attack complexity, and no privileges or user interactio...
CVE-2025-47353 Exposed Dangerous Method or Function in Automotive Software platform based on QNX
Memory corruption while processing request sent from GVM...
EUVD-2024-46535
Malicious code in bioql PyPI...
EUVD-2024-26024
Malicious code in bioql PyPI...
FreeBSD : goldendict -- dangerous method exposed (4ccd6222-9c83-11f0-a337-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 4ccd6222-9c83-11f0-a337-b42e991fc52e advisory. [email protected] reports: GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading a...
goldendict -- dangerous method exposed
[email protected] reports: GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying files when a user adds a crafted dictionary and then searches for any term included in that dictionary...
CVE-2025-5823
Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is...
Exposed Dangerous Method or Function
Overview org.webjars.npm:webpack-dev-server is an Uses webpack with a development server that provides live reloading. It should be used for development only. Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the webpackmodules object. An attacker can...
CVE-2025-26651
Exposed dangerous method or function in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...
CVE-2025-26651
Exposed dangerous method or function in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...
CVE-2024-43065
CVE-2024-43065 affects Qualcomm chipsets with cryptographic issues in the generation of asymmetric key pairs for RKP use cases. The root cause is a flaw in how key material is generated, leading to potential weaknesses in confidentiality and integrity. The CVSS base metrics indicate a high impact...
Exposed Dangerous Method or Function
Overview Affected versions of this package are vulnerable to Exposed Dangerous Method or Function through the EncryptionTool endpoint. An attacker can encrypt arbitrary files on the target server with a key of their choosing, making it exceedingly difficult for the target to recover the keys need...