CVE-2025-9386 appneta tcpreplay tcprewrite get.c get_l2len_protocol use after free

A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function getl2lenprotocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been disclosed to the public and...

CVE-2025-9386 appneta tcpreplay tcprewrite get.c get_l2len_protocol use after free

A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function getl2lenprotocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been disclosed to the public and...

CVE-2025-9386

A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function getl2lenprotocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been disclosed to the public and...

CVE-2025-9385

CVE-2025-9385 affects appneta tcpreplay (tcprewrite component) where the function fix_ipv6_checksums in edit_packet.c can trigger a use-after-free. Impact is limited to local execution; the exploit has been published. Multiple advisories (openSUSE, Fedora, etc.) reference the same issue and note ...

CVE-2025-9385

A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fixipv6checksums of the file editpacket.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be used...

CVE-2025-9385

A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fixipv6checksums of the file editpacket.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be used...

CVE-2025-9383

CVE-2025-9383 affects FNKvision Y215 CCTV Camera (version 10.194.120.40). The vulnerability is in the crypt function of /etc/passwd, where weak hashing is used, enabling a local attack with high attack complexity and low overall impact (confidentiality partial, others none). Exploitation is local...

CVE-2025-9383 FNKvision Y215 CCTV Camera passwd crypt weak hash

A security vulnerability has been detected in FNKvision Y215 CCTV Camera 10.194.120.40. This issue affects the function crypt of the file /etc/passwd. The manipulation leads to use of weak hash. The attack can only be performed from a local environment. The complexity of an attack is rather high...

PT-2025-34565 · Vim · Vim

Name of the Vulnerable Software and Affected Versions: vim version 9.1.0000 Description: A memory corruption issue exists in vim version 9.1.0000 due to the manipulation of the memmove avx unaligned erms function within the memmove-vec-unaligned-erms.S file. The issue is exploitable locally. An...

CVE-2009-20002

Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites...

Astra Linux – Vulnerability in binutils

A vulnerability classified as problematic was discovered in GNU Binutils 2.45. The function copysection in the file binutils/objcopy.c is affected by this vulnerability. Manipulation of this function leads to a heap-based buffer overflow. Local attacks are required to exploit this vulnerability...

Astra Linux – Vulnerability in binutils

A vulnerability, classified as problematic, has been discovered in GNU Binutils 2.45. The affected function is bfdelfsetgroupcontents in the file bfd/elf.c. This manipulation leads to out-of-bounds writing. The attack can be launched on the local host. The exploit has been disclosed to the public...

Linux Distros Unpatched Vulnerability : CVE-2025-8734

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in GNU Bison up to 3.8.2. This impacts the function codefree of the file src/scan-code.c. The manipulation leads to double free. ...

Linux Distros Unpatched Vulnerability : CVE-2025-8733

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in GNU Bison up to 3.8.2. This affects the function obstackvprintfinternal of the file obprintf.c. Executing manipulation can lead to...

SUSE CVE-2025-9301

A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This affects the function cmForEachFunctionBlocker::ReplayItems of the file cmForEachCommand.cxx. This manipulation causes reachable assertion. The attack needs to be launched locally. The exploit has been publicly disclosed and may b...

CVE-2010-20114

VariCAD EN up to and including version 2010-2.05 is vulnerable to a stack-based buffer overflow when parsing .dwb drawing files. The application fails to properly validate the length of input data embedded in the file, allowing a crafted .dwb file to overwrite critical memory structures. This fla...

CVE-2010-20123

The CVE-2010-20123 entry concerns Steinberg MyMP3Player (version 3.0, build 3.0.0.67). It describes a stack-based buffer overflow triggered while parsing .m3u playlist files, due to improper validation of input length in the playlist data. The vulnerability allows an attacker to overwrite memory ...

CVE-2025-9309

CVE-2025-9309 affects Tenda AC10 16.03.10.13. The vulnerability lies in the MD5 Hash Handler component, specifically an unknown function within the "/etc_ro/shadow" file, where manipulation leads to hard-coded credentials. Exploitation requires local access and is described as high complexity, wi...

CVE-2025-9309 Tenda AC10 MD5 Hash shadow hard-coded credentials

A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file /etcro/shadow of the component MD5 Hash Handler. Performing manipulation results in hard-coded credentials. The attack needs to be approached locally. A high degree of complexity is needed for the...

AZL-66557 CVE-2025-9301 affecting package cmake for versions less than 3.30.3-9

A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This affects the function cmForEachFunctionBlocker::ReplayItems of the file cmForEachCommand.cxx. This manipulation causes reachable assertion. The attack needs to be launched locally. The exploit has been publicly disclosed and may b...