CVE-2025-8907

The CVE-2025-8907 entry concerns H3C M2 NAS V100R006, where the Webserver Configuration component is implicated. The vulnerability is described as allowing execution with unnecessary privileges via local manipulation, with attack complexity rated high and requiring local access. Vendor notes indi...

PT-2025-32525 · Broadcom · Symantec Pgp Encryption

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: Privilege escalation occurs when a user gains access to more resources or functionality than they are normally permitted. Recommendations: At the moment, ther...

PT-2025-32568

Name of the Vulnerable Software and Affected Versions: ABB Aspect affected versions not specified Description: A missing authentication issue exists for a critical function in ABB Aspect. This allows unauthorized access to sensitive functionality. Recommendations: At the moment, there is no...

CVE-2025-8741

A vulnerability was found in macrozheng mall up to 1.0.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/login. The manipulation leads to cleartext transmission of sensitive information. The attack can be launched remotely. The...

CVE-2025-8793 LitmusChaos Litmus resource injection

A vulnerability classified as problematic was found in LitmusChaos Litmus up to 3.19.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument projectID leads to improper control of resource identifiers. The attack can be launched remotely. The exploit has be...

CVE-2025-8741

A vulnerability was found in macrozheng mall up to 1.0.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/login. The manipulation leads to cleartext transmission of sensitive information. The attack can be launched remotely. The...

CVE-2025-8742 macrozheng mall Admin Login excessive authentication

A vulnerability was found in macrozheng mall 1.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Admin Login. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be launched remotely. The...

PT-2025-32413 · Unknown · Macrozheng Mall

Name of the Vulnerable Software and Affected Versions: macrozheng mall versions up to 1.0.3 Description: A vulnerability exists in macrozheng mall up to version 1.0.3, involving the cleartext transmission of sensitive information. The vulnerability affects an unknown functionality of the...

CVE-2025-47152

An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.6.0.396. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive...

CVE-2025-27931

An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Editor version 10.5.2.395. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information...

CVE-2025-50688

A command injection vulnerability exists in TwistedWeb version 14.0.0 due to improper input sanitization in the file upload functionality. An attacker can exploit this vulnerability by sending a specially crafted HTTP PUT request to upload a malicious file e.g., a reverse shell script. Once...

Linux Distros Unpatched Vulnerability : CVE-2024-43825

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iio: Fix the sorting functionality in iiogtsbuildavailtimetable The sorting in...

CVE-2025-8523

A vulnerability has been found in RiderLike Fruit Crush-Brain App 1.0 on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.fruitcrush.fun. The manipulation leads to improper export of android...

Linux Distros Unpatched Vulnerability : CVE-2021-47108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: hdmi: Perform NULL pointer check for mtkhdmiconf In commit 41ca9caaae0b...

(0Day) AOMEI Backupper Workstation Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of AOMEI Backupper Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. User interaction on the part of an...

CVE-2025-27931

An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Editor version 10.5.2.395. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information...

CVE-2025-27931

An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Editor version 10.5.2.395. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information...

CVE-2025-8538

A vulnerability has been found in Portabilis i-Educar 2.10 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /usuarios/tipos/novo. The manipulation of the argument name/description leads to cross site scripting. The attack can be launched...

PT-2025-31935 · Tracker · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor version 10.6.0.396 Description: An out-of-bounds read issue exists in the EMF functionality. Exploitation involves using a specially crafted EMF file, which could lead to the disclosure of sensitive information...

CVE-2025-4599

The fragment preview functionality in Liferay Portal 7.4.3.61 through 7.4.3.132, and Liferay DXP 2024.Q4.1 through 2024.Q4.5, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.13 and 7.4 update 61 through update 92 was found to be vulnerable to postMessage-base...