BELL-CVE-2025-38036

Bulletin has no description...

PT-2025-26170

Name of the Vulnerable Software and Affected Versions open5gs versions 2.7.2 and earlier Description A missing length check in the ogs pfcp dev add function from the PFCP library allows a local attacker to cause a Buffer Overflow by changing the session.dev field with a value with length greater...

CVE-2025-44952

A missing length check in ogspfcpsubnetadd function from PFCP library, used by both smf and upf in open5gs 2.7.2 and earlier, allows a local attacker to cause a Buffer Overflow by changing the session.dnn field with a value with length greater than 101...

CVE-2025-27242

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input...

CVE-2021-34294

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The Gifloader.dll library in affected applications lacks proper validation of user-supplied data when parsing GIF files. This could result in an out of bounds read past the end of an...

CVE-2021-44431

A vulnerability has been identified in JT Utilities All versions V13.1.1.0, JTTK All versions V11.1.1.0. JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted JT files. An attacker could leverage this...

BELL-CVE-2025-37876

Bulletin has no description...

BELL-CVE-2025-37846

Bulletin has no description...

BELL-CVE-2025-37863

Bulletin has no description...

BELL-CVE-2025-37799

Bulletin has no description...

PT-2025-19974 · Huawei · Harmonyos

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A permission control issue exists in the media library module. Successful exploitation of this issue may affect service confidentiality. Recommendations: At the moment, there is no informati...

Security Bulletin: IBM® Db2® is affected by a vulnerability in the netty library. (CVE-2024-47535, CVE-2025-25193)

Summary IBM® Db2® is vulnerable to a denial of service due to unsafe environment file loading. Vulnerability Details CVEID:CVE-2024-47535 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers &...

CVE-2025-24252

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to corrupt process memory...

Medium: python3.12-pip

Issue Overview: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to th...

CVE-2025-32944 PeerTube User Import Authenticated Persistent Denial of Service

The vulnerability allows any authenticated user to cause the PeerTube server to stop functioning in a persistent manner. If user import is enabled which is the default setting, any registered user can upload an archive for importing. The code uses the yauzl library for reading the archive. If the...

p5-Crypt-CBC -- Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Lib-Crypt-CBC project reports: Crypt::CBC versions between 1.21 and 3.05 for Perl may use the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. This issue affects operating systems where "/dev/urandom'" is unavailable. In that case...

Linux Distros Unpatched Vulnerability : CVE-2025-31498

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query eithe...

UBUNTU-CVE-2025-24213

This issue was addressed with improved handling of floats. This issue is fixed in tvOS 18.5, Safari 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, watchOS 11.5, visionOS 2.5. A type confusion issue could lead to memory corruption...

CVE-2025-30077

Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.28 allows an index out-of-range panic in asn1/aper GetBitString via a zero value of numBits...

CVE-2022-43454

A double free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An app may be able to execute arbitrary code with kernel privileges...