EUVD-2025-201103

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick...

EUVD-2025-200998

An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service...

EUVD-2025-201007

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

EUVD-2025-201010

An Improper Input Validation vulnerability exists in the user websocket handler of MAAS. An authenticated, unprivileged attacker can intercept a user.update websocket request and inject the issuperuser property set to true. The server improperly validates this input, allowing the attacker to...

EUVD-2025-201003

In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Splunk Enterprise for Windows Installation directory. This lets non-administrator users on the machine...

EUVD-2025-199696

Not used...

EUVD-2025-199698

Not used...

EUVD-2025-199693

Not used...

EUVD-2025-199546

Not used...

MINI-WWHG-MGC2-Q4JP

Bulletin has no description...

EUVD-2025-198174

A vulnerability found in IPRateLimit implementation of FileCodeBox up to 2.2 allows remote attackers to bypass ip-based rate limit protection and failed attempt restrictions by faking X-Real-IP and X-Forwarded-For HTTP headers. This can enable attackers to perform DoS attacks or brute force share...

EUVD-2025-198198

Twonky Server 8.5.2 on Linux and Windows is vulnerable to a cryptographic flaw, use of hard-coded cryptographic keys. An attacker with knowledge of the encrypted administrator password can decrypt the value with static keys to view the plain text password and gain administrator-level access to...

EUVD-2025-198206

The Looker endpoint for generating new projects from database connections allows users to specify "looker" as a connection name, which is a reserved internal name for Looker's internal MySQL database. The schemas parameter is vulnerable to SQL injection, enabling attackers to manipulate SELECT...

EUVD-2025-198200

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 expose an authenticated command injection vulnerability in the license activation workflow handled by AudioCodesfiles/ActivateLicense.php. When a license file is uploaded, the application derives a new...

EUVD-2025-198212

A security vulnerability has been detected in mrubyc up to 3.4. This impacts the function mrbcrawrealloc of the file src/alloc.c. Such manipulation of the argument ptr leads to null pointer dereference. An attack has to be approached locally. The name of the patch is...

EUVD-2025-198107

Not used...

EUVD-2025-198201

An issue was discovered in bridgetech probes VB220 IP Network Probe,VB120 Embedded IP + RF Probe, VB330 High-Capacity Probe, VB440 ST 2110 Production Analytics Probe, and NOMAD, firmware versions 6.5.0-9, allowing attackers to gain sensitive information such as administrator passwords via the...

EUVD-2025-197866

A vulnerability has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected is an unknown function of the file /settings/controller.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

EUVD-2025-197873

PHPGurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting XSS via the search parameter in user-search.php...

EUVD-2025-197676

Not used...