1366 matches found

CVE
added 2025/10/01 11:46 a.m. · 18 views

CVE-2023-53524

CVE-2023-53524 involves an integer overflow in the Linux kernel’s iwl_write_to_user_buf() used by iwl_dbgfs_monitor_data_read() in iwlwifi PCIe. The bug computes buf_size_left from count and *bytes_copied, then reduces it and may pass a negative value to copy_to_user, causing a heap overflow. It ...

CVSS: 7.8 · AI score: 6.4 · EPSS: 0.00158
Exploits: 0 · References: 6 · Affected Software: 1

NVD
added 2025/10/01 11:15 a.m. · 4 views

CVE-2025-10847

DX Unified Infrastructure Management Nimsoft/UIM and below contains an improper ACL handling vulnerability in the robot controller component. A remote attacker can execute commands, read from, or write to the target system...

CVSS: 8.4 · EPSS: 0.00441
Exploits: 0 · References: 1

GithubExploit
added 2025/09/12 10:20 p.m. · 328 views

Exploit for CVE-2025-31125

🔐 Vite/Vue JS Exploitation Toolkit...

CVSS: 5.3 · AI score: 7 · EPSS: 0.621
Exploits: 9

RedhatCVE
added 2025/09/11 3:19 a.m. · 4 views

CVE-2025-42958

Due to a missing authentication check in the SAP NetWeaver application on IBM i-series, the application allows high privileged unauthorized users to read, modify, or delete sensitive information, as well as access administrative or privileged functionalities. This results in a high impact on the...

CVSS: 9.1 · AI score: 6.2 · EPSS: 0.00668
Exploits: 0 · References: 1

CNVD
added 2025/09/11 12:0 a.m. · 1 views

Unspecified Vulnerability in SAP NetWeaver Application Server (CNVD-2025-21159)

SAP NetWeaver Application Server is an application server from SAP, Germany. A security vulnerability in SAP NetWeaver Application Server can be exploited by an attacker to potentially cause sensitive information to be read, modified, or deleted...

CVSS: 9.1 · AI score: 6.7 · EPSS: 0.00668
Exploits: 0 · References: 1

Tenable Nessus
added 2025/09/10 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2024-23791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles. This issue affects...

CVSS: 7.5 · AI score: 7.2 · EPSS: 0.00515
Exploits: 0 · References: 2

NVD
added 2025/09/09 9:15 p.m. · 2 views

CVE-2025-7746

CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause an unvalidated data injected by a malicious user potentially leading to modify or read data in a victim’s browser...

CVSS: 5.3 · EPSS: 0.00399
Exploits: 0 · References: 2

Vulnrichment
added 2025/09/09 12:41 p.m. · 2 views

CVE-2025-9364 Rockwell Automation FactoryTalk® Analytics™ LogixAI® Exposed Redis DB

An open database issue exists in the affected product and version. The security issue stems from an over permissive Redis instance. This could result in an attacker on the intranet accessing sensitive data and potential alteration of data...

CVSS: 8.7 · AI score: 6 · EPSS: 0.00269
Exploits: 0 · References: 1

Redos
added 2025/09/08 12:0 a.m. · 6 views

ROS-20250908-04

A vulnerability in Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect input data validation in the 2D component of Oracle GraalVM. Oracle Java SE platform is related to incorrect input data validation in...

CVSS: 5.6 · AI score: 6.1 · EPSS: 0.00518
Exploits: 0

NVD
added 2025/09/03 6:15 a.m. · 5 views

CVE-2023-21477

Access of Memory Location After End of Buffer vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data...

CVSS: 7.9 · EPSS: 0.00133
Exploits: 0 · References: 1

Tenable Nessus
added 2025/08/30 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-30719

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.1.6. Easily exploitable...

CVSS: 6.1 · AI score: 7.1 · EPSS: 0.00236
Exploits: 0 · References: 2

OSV
added 2025/08/29 5:15 p.m. · 1 views

CVE-2025-22483

A cross-site scripting XSS vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability...

CVSS: 4.8 · AI score: 5.7
Exploits: 0 · References: 1

OSV
added 2025/08/29 5:15 p.m. · 2 views

CVE-2024-12923

A cross-site scripting XSS vulnerability has been reported to affect Photo Station. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: Photo...

CVSS: 5.4 · AI score: 5.7 · EPSS: 0.00216
Exploits: 0 · References: 1

Cvelist
added 2025/08/29 5:2 p.m. · 5 views

CVE-2024-12923 Photo Station

A cross-site scripting XSS vulnerability has been reported to affect Photo Station. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: Photo...

CVSS: 2 · EPSS: 0.00216
Exploits: 0 · References: 1

Tenable Nessus
added 2025/08/27 12:0 a.m. · 6 views

Linux Distros Unpatched Vulnerability : CVE-2022-21487

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.34. Easily...

CVSS: 3.8 · AI score: 6.6 · EPSS: 0.00372
Exploits: 0 · References: 2

Tenable Nessus
added 2025/08/27 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2020-29582

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and...

CVSS: 5.3 · AI score: 6.8 · EPSS: 0.02572
Exploits: 0 · References: 3

Positive Technologies
added 2025/08/25 12:0 a.m. · 6 views

PT-2025-34599 · Google · Google Cloud Dataform

Name of the Vulnerable Software and Affected Versions: Google Cloud Dataform, affected versions not specified. Description: A path traversal vulnerability exists in the NPM package installation process of Google Cloud Dataform. A remote attacker can read and write files in other customers'...

CVSS: 10 · AI score: 6.2 · EPSS: 0.00625
Exploits: 0 · References: 12

Tenable Nessus
added 2025/08/25 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2019-2553

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are prior to 5.2.24 and...

CVSS: 3.8 · AI score: 6.4 · EPSS: 0.00481
Exploits: 0 · References: 2

Tenable Nessus
added 2025/08/24 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2016-8640

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A SQL injection vulnerability in pycsw all versions before 2.0.2, 1.10.5 and 1.8.6 that leads to read and extract of any data from any table in the pycsw databa...

CVSS: 9.1 · AI score: 8.3 · EPSS: 0.02336
Exploits: 0 · References: 2

Positive Technologies
added 2025/08/22 12:0 a.m. · 7 views

PT-2025-34342 · Uniong · Webitr

Name of the Vulnerable Software and Affected Versions: WebITR, affected versions not specified. Description: WebITR developed by Uniong is susceptible to a SQL Injection issue. This allows unauthenticated remote attackers to inject arbitrary SQL commands, potentially leading to the unauthorized...

CVSS: 8.7 · AI score: 8.2 · EPSS: 0.00487
Exploits: 0 · References: 7