257 matches found
CVE-2025-9016
A vulnerability was identified in Mechrevo Control Center GX V2 5.56.51.48. This affects an unknown part of the file C:\Program Files\OEM\机械革命控制中心\AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to uncontrolled search path. Local access is...
CVE-2025-9016 Mechrevo Control Center GX V2 Powershell Script Command uncontrolled search path
A vulnerability was identified in Mechrevo Control Center GX V2 5.56.51.48. This affects an unknown part of the file C:\Program Files\OEM\机械革命控制中心\AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to uncontrolled search path. Local access is...
CVE-2025-9016
CVE-2025-9016 concerns Mechrevo Control Center GX V2 (version 5.56.51.48). The vulnerability arises in the Powershell Script Handler component, specifically the file path C:\Program Files\OEM\机械革命控制中心\AiStoneService\MyControlCenter\Command, where an uncontrolled search path condition is reported....
PT-2025-33453 · Px4 · Px4-Autopilot
Name of the Vulnerable Software and Affected Versions: PX4 PX4-Autopilot versions through 1.15.4 Description: A use-after-free issue exists in the MavlinkReceiver::handle message serial control function within the src/modules/mavlink/mavlink receiver.cpp file of the Mavlink Shell Closing Handler...
Linux Distros Unpatched Vulnerability : CVE-2019-17009
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a...
CVE-2025-8962
A vulnerability was found in code-projects Hostel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file hostelmanage.exe of the component Login Form. The manipulation of the argument uname leads to stack-based buffer overflow. Local access is required to...
CVE-2025-8774
A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads to observable timing discrepancy. Local access is required to approach this...
CVE-2025-8757
A vulnerability was found in TRENDnet TV-IP110WN 1.2.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /server/boa.conf of the component Embedded Boa Web Server. The manipulation leads to least privilege violation. Local access is required to approa...
CVE-2025-8851
A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is...
CVE-2025-8843
CVE-2025-8843 affects NASM Netwide Assembler, specifically the outmacho.c function macho_no_dead_strip. The issue is a heap-based buffer overflow introduced in NASM 2.17rc0, requiring local access for exploitation. Exploit details have been disclosed publicly. The provided connected sources confi...
CVE-2025-8736
A flaw was found in cflow. The yylex function in c.c exhibits a buffer overflow vulnerability, triggered by manipulation of input data. A local attacker could exploit this issue to cause an application level denial of service. This vulnerability stems from insufficient bounds checking during...
PT-2025-32468 · Unknown · Litmuschaos Litmus
Name of the Vulnerable Software and Affected Versions: LitmusChaos Litmus versions prior to 3.19.1 Description: A problematic issue exists in the LocalStorage Handler component of LitmusChaos Litmus. Manipulation of the projectID argument can lead to authorization bypass. Local access is required...
CVE-2025-8774
CVE-2025-8774 affects riscv-boom SonicBOOM up to version 2.2.3. The vulnerability is in the L1 Data Cache Handler, where manipulation causes observable timing discrepancies. Exploitation requires local access and is described as high attack complexity; vendor response has been absent. Public sour...
CVE-2025-8757 TRENDnet TV-IP110WN Embedded Boa Web Server boa.conf least privilege violation
A vulnerability was found in TRENDnet TV-IP110WN 1.2.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /server/boa.conf of the component Embedded Boa Web Server. The manipulation leads to least privilege violation. Local access is required to approa...
CVE-2025-8746
A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function strstrsse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This issue w...
CVE-2025-8746
CVE-2025-8746 concerns GNU libopts up to 27.6, where the __strstr_sse2 function can cause memory corruption with local access. The description notes the bug is in libopts (an external library) and affects products still linked to vulnerable libopts; exploitation has been disclosed. Connected OSV/...
CVE-2025-8736
A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclose...
CVE-2025-8707
A vulnerability was found in Huuge Box App 1.0.3 on Android. It has been classified as problematic. This affects an unknown part of the file AndroidManifest.xml of the component com.huuge.game.zjbox. The manipulation leads to improper export of android application components. Local access is...
PT-2025-32339 · Unknown · Com.Huuge.Game.Zjbox +1
Name of the Vulnerable Software and Affected Versions: Huuge Box version 1.0.3 Description: A vulnerability exists in the Huuge Box App for Android. The issue involves the improper export of Android application components due to manipulation of an unknown part of the AndroidManifest.xml file with...
PT-2025-32404 · Photodex · Proshow Producer
Name of the Vulnerable Software and Affected Versions: Photodex ProShow Producer version 5.0.3256 Description: Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability in the handling of plugin load list files. When a specially crafted load file is placed in...