Lucene search
K

4838 matches found

Positive Technologies
Positive Technologies
added 2025/09/26 12:0 a.m.7 views

PT-2025-39641

Name of the Vulnerable Software and Affected Versions OGRECave Ogre versions prior to 14.4.1 Description A flaw exists in OGRECave Ogre that allows for a null pointer dereference. This occurs due to manipulation of the mDefaultLog argument within the Ogre::LogManager::stream function, located in...

4.8CVSS3.9AI score0.00186EPSS
Exploits1References14
CNNVD
CNNVD
added 2025/09/26 12:0 a.m.4 views

openbabel 代码问题漏洞

openbabel is a chemistry toolkit software from Open Babel open source. A code issue vulnerability exists in openbabel 3.1.1 and earlier versions, which stems from a null pointer dereference in the function ChemKinFormat::ReadReactionQualifierLines in the file /src/formats/chemkinformat.cpp, which...

5.5CVSS4.3AI score0.00187EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/09/26 12:0 a.m.3 views

openbabel 安全漏洞

openbabel is a chemistry toolkit software from Open Babel open source. A security vulnerability exists in openbabel 3.1.1 and earlier versions, which originates from a heap buffer overflow in the function ChemKinFormat::CheckSpecies in the file /src/formats/chemkinformat.cpp, which could lead to ...

7.8CVSS5.4AI score0.00224EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/09/25 11:2 a.m.7 views

CVE-2025-10941 Topaz SERVCore Teller Installer SERVCoreTeller_2.0.40D.msi permission

A vulnerability was determined in Topaz SERVCore Teller 2.14.0-RC2/2.14.1. Affected by this issue is some unknown functionality of the file SERVCoreTeller2.0.40D.msi of the component Installer. Executing manipulation can lead to permission issues. The attack needs to be launched locally. You shou...

8.5CVSS0.00129EPSS
Exploits0References4
CVE
CVE
added 2025/09/25 11:2 a.m.13 views

CVE-2025-10941

The CVE-2025-10941 entry concerns Topaz SERVCore Teller versions 2.14.0-RC2/2.14.1, where the vulnerability affects the Installer component (SERVCoreTeller_2.0.40D.msi). The issue is described as a local permission problem in the installer file that could enable a local privilege/permission manip...

8.5CVSS7.4AI score0.00129EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/09/24 1:2 p.m.13 views

CVE-2025-10906 Magnetism Studios Endurance NSXPC com.MagnetismStudios.endurance.helper loadModuleNamed:WithReply missing authentication

A flaw has been found in Magnetism Studios Endurance up to 3.3.0 on macOS. This affects the function loadModuleNamed:WithReply of the file /Applications/Endurance.app/Contents/Library/LaunchServices/com.MagnetismStudios.endurance.helper of the component NSXPC Interface. Executing manipulation can...

8.6CVSS0.00224EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/24 12:0 a.m.1 views

Magnetism Studios Endurance 访问控制错误漏洞

Magnetism Studios Endurance is a battery management tool from Magnetism Studios, Inc. An access control error vulnerability exists in Magnetism Studios Endurance version 3.3.0 and earlier, which stems from a lack of authentication in the loadModuleNamedWithReply function in the NSXPC Interface...

8.6CVSS8.2AI score0.00224EPSS
Exploits0References6
OSV
OSV
added 2025/09/23 12:15 a.m.2 views

DEBIAN-CVE-2025-10823

A vulnerability was found in axboe fio up to 3.41. This affects the function strbufferpatterncb of the file options.c. Performing manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been made public and could be used...

4.8CVSS4AI score0.00136EPSS
Exploits0References1
OSV
OSV
added 2025/09/23 12:15 a.m.3 views

UBUNTU-CVE-2025-10823

A vulnerability was found in axboe fio up to 3.41. This affects the function strbufferpatterncb of the file options.c. Performing manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been made public and could be used...

4.8CVSS5.4AI score0.00136EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/09/23 12:0 a.m.5 views

PT-2025-39092

Name of the Vulnerable Software and Affected Versions axboe fio versions up to 3.41 Description A flaw exists in axboe fio up to version 3.41. This issue is related to the parse jobs ini function within the init.c file, which can lead to a use after free condition. The attack requires local acces...

5.3CVSS5.7AI score0.00133EPSS
Exploits0References13
CNNVD
CNNVD
added 2025/09/23 12:0 a.m.4 views

fio 资源管理错误漏洞

fio is a flexible I/O testing software by the individual developer Jens Axboe. A resource management error vulnerability exists in fio 3.41 and earlier versions, which stems from a post-release reuse issue in the parsejobsini function in the init.c file, which could lead to a local attack...

5.3CVSS5.1AI score0.00133EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/09/22 11:32 p.m.15 views

CVE-2025-10823 axboe fio options.c str_buffer_pattern_cb null pointer dereference

A vulnerability was found in axboe fio up to 3.41. This affects the function strbufferpatterncb of the file options.c. Performing manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been made public and could be used...

4.8CVSS0.00136EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/09/22 11:32 p.m.2 views

CVE-2025-10823 axboe fio options.c str_buffer_pattern_cb null pointer dereference

A vulnerability was found in axboe fio up to 3.41. This affects the function strbufferpatterncb of the file options.c. Performing manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been made public and could be used...

4.8CVSS6AI score0.00136EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/09/21 6:28 p.m.13 views

CVE-2025-10722

A vulnerability was detected in SKTLab Mukbee App 1.01.196 on Android. This affects an unknown function of the file AndroidManifest.xml of the component com.dw.android.mukbee. The manipulation results in improper export of android application components. The attack must be initiated from a local...

5.3CVSS6.1AI score0.00122EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/19 5:32 p.m.14 views

CVE-2025-10721 Webull Investing & Trading App AndroidManifest.xml improper export of android application components

A vulnerability was determined in Webull Investing & Trading App 11.2.5.63 on Android. This vulnerability affects unknown code of the file AndroidManifest.xml. This manipulation causes improper export of android application components. The attack can only be executed locally. The exploit has been...

5.3CVSS0.00132EPSS
Exploits0References5
NVD
NVD
added 2025/09/19 4:15 p.m.8 views

CVE-2025-10718

A vulnerability was found in Ooma Office Business Phone App up to 7.2.2 on Android. This affects an unknown part of the component com.ooma.office2. The manipulation results in improper export of android application components. The attack needs to be approached locally. The exploit has been made...

5.3CVSS0.00131EPSS
Exploits0References4
CVE
CVE
added 2025/09/19 4:2 p.m.14 views

CVE-2025-10718

CVE-2025-10718 affects the Ooma Office Business Phone App for Android up to version 7.2.2, specifically the com.ooma.office2 component. The root cause is improper export of Android application components, enabling local exploitation. The vulnerability has publicly available exploit details and ca...

5.3CVSS5.9AI score0.00131EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/09/19 12:0 a.m.3 views

Webull Investing & Trading App 安全漏洞

Webull Investing & Trading App is an online securities trading and financial investment application from Webull, Inc. A security vulnerability exists in Webull Investing & Trading App version 11.2.5.63, which stems from an improperly exported AndroidManifest.xml file and could lead to a local...

5.3CVSS5.3AI score0.00132EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/09/19 12:0 a.m.3 views

Ooma Office Business Phone App 安全漏洞

Ooma Office Business Phone App is a cloud-based morning phone system from Ooma USA. A security vulnerability exists in Ooma Office Business Phone App version 7.2.2 and prior versions, which stems from improper export of android application components and could lead to a local attack...

5.3CVSS5.3AI score0.00131EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/19 12:0 a.m.5 views

SKTLab Mukbee App 安全漏洞

SKTLab Mukbee App is a food recommendation and community sharing app from SKTLab USA. A security vulnerability exists in SKTLab Mukbee App version 1.01.196, which stems from an improperly exported component com.dw.android.mukbee in the AndroidManifest.xml file, which could lead to a local attack...

5.3CVSS5.2AI score0.00122EPSS
Exploits0References6
Rows per page
Query Builder