4837 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-8646
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The hashaccept function in crypto/algifhash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service OOPS by attempting to trigger use...
Verkehrsauskunft Österreich SmartRide 安全漏洞
Verkehrsauskunft Österreich SmartRide is an Austrian public transportation timetable app by Verkehrsauskunft Österreich. A security vulnerability exists in Verkehrsauskunft Österreich SmartRide, which stems from an improperly exported AndroidManifest.xml component, which could lead to a local...
CVE-2025-9098 Elseplus File Recovery App AndroidManifest.xml improper export of android application components
A vulnerability was determined in Elseplus File Recovery App 4.4.21 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml. The manipulation leads to improper export of android application components. The attack needs to be approached locally. The exploit...
CVE-2025-9097
Summary: CVE-2025-9097 affects the Android app “Euro Information CIC banque et compte en ligne App” (version 12.56.0). The vulnerability is in the AndroidManifest.xml of the component com.cic_prod.bad , where an improper export of Android components is possible. This enables a local attacker to l...
1&1 Mail & Media mail.com App 安全漏洞
1&1 Mail & Media mail.com App is an email application from the German company 1&1 Mail & Media. A security vulnerability exists in 1&1 Mail & Media mail.com App version 8.8.0, which stems from an improper export of the component com.mail.mobile.android.mail, which allows a local attacker to launc...
Linux Distros Unpatched Vulnerability : CVE-2025-5645
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects the function rconspalinit in the library /libr/cons/pal.c of the...
CVE-2025-9093 BuzzFeed App com.buzzfeed.android AndroidManifest.xml improper export of android application components
A security vulnerability has been detected in BuzzFeed App 2024.9 on Android. This affects an unknown part of the file AndroidManifest.xml of the component com.buzzfeed.android. The manipulation leads to improper export of android application components. The attack needs to be approached locally...
CVE-2025-9020
A vulnerability was found in PX4 PX4-Autopilot up to 1.15.4. This issue affects the function MavlinkReceiver::handlemessageserialcontrol of the file src/modules/mavlink/mavlinkreceiver.cpp of the component Mavlink Shell Closing Handler. The manipulation of the argument mavlinkshell leads to use...
CVE-2025-9091
A security flaw has been discovered in Tenda AC20 16.03.08.12. Affected by this vulnerability is an unknown functionality of the file /etcro/shadow. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the local host. The complexity of an attack is rather high...
CVE-2025-9091
A security flaw has been discovered in Tenda AC20 16.03.08.12. Affected by this vulnerability is an unknown functionality of the file /etcro/shadow. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the local host. The complexity of an attack is rather high...
CVE-2025-9091 Tenda AC20 shadow hard-coded credentials
A security flaw has been discovered in Tenda AC20 16.03.08.12. Affected by this vulnerability is an unknown functionality of the file /etcro/shadow. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the local host. The complexity of an attack is rather high...
CVE-2025-9091
Summary: CVE-2025-9091 affects Tenda AC20, specifically the file /etc_ro/shadow. The root cause is hard-coded credentials in that file, enabling a local attack with high impact on confidentiality, integrity, and availability. Exploitation requires local access and is described as difficult, with ...
CVE-2025-9020
A vulnerability was found in PX4 PX4-Autopilot up to 1.15.4. This issue affects the function MavlinkReceiver::handlemessageserialcontrol of the file src/modules/mavlink/mavlinkreceiver.cpp of the component Mavlink Shell Closing Handler. The manipulation of the argument mavlinkshell leads to use...
CVE-2025-9020 PX4 PX4-Autopilot Mavlink Shell Closing mavlink_receiver.cpp handle_message_serial_control use after free
A vulnerability was found in PX4 PX4-Autopilot up to 1.15.4. This issue affects the function MavlinkReceiver::handlemessageserialcontrol of the file src/modules/mavlink/mavlinkreceiver.cpp of the component Mavlink Shell Closing Handler. The manipulation of the argument mavlinkshell leads to use...
CVE-2025-9020 PX4 PX4-Autopilot Mavlink Shell Closing mavlink_receiver.cpp handle_message_serial_control use after free
A vulnerability was found in PX4 PX4-Autopilot up to 1.15.4. This issue affects the function MavlinkReceiver::handlemessageserialcontrol of the file src/modules/mavlink/mavlinkreceiver.cpp of the component Mavlink Shell Closing Handler. The manipulation of the argument mavlinkshell leads to use...
CVE-2025-9020
Summary: CVE-2025-9020 affects PX4 PX4-Autopilot up to 1.15.4. The issue resides in MavlinkReceiver::handle_message_serial_control within mavlink_receiver.cpp of the Mavlink Shell Closing Handler. The argument _mavlink_shell is manipulated, causing a use-after-free condition. Local access is requ...
Linux Distros Unpatched Vulnerability : CVE-2025-3158
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. Affected by this issue is the function...
SUSE CVE-2025-8961
A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited...
CVE-2025-8964
A vulnerability was identified in code-projects Hostel Management System 1.0. This affects an unknown part of the file hostelmanage.exe of the component Login. The manipulation leads to improper authentication. It is possible to launch the attack on the local host. The exploit has been disclosed ...
CVE-2025-8964 code-projects Hostel Management System Login hostel_manage.exe improper authentication
A vulnerability was identified in code-projects Hostel Management System 1.0. This affects an unknown part of the file hostelmanage.exe of the component Login. The manipulation leads to improper authentication. It is possible to launch the attack on the local host. The exploit has been disclosed ...