4835 matches found
CVE-2025-25212
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input...
CVE-2025-26690 communication dsoftbus has a NULL pointer vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference...
CVE-2025-8735
A flaw was found in cflow. The yylex function in c.c exhibits a null pointer dereference due to manipulation, allowing a local attacker to trigger a denial of service via crafted input. This condition arises from improper handling of lexical analysis data. The resulting null pointer dereference c...
CVE-2025-8732
A flaw was found in libxml2. The xmlParseSGMLCatalog function within the xmlcatalog component exhibits uncontrolled recursion when processing a specially crafted catalog file. A local attacker can trigger this recursive behavior, which can lead to an application level denial of service. Mitigatio...
CVE-2025-8758 TRENDnet TEW-822DRE vsftpd least privilege violation
A vulnerability was found in TRENDnet TEW-822DRE FW103B02. It has been classified as problematic. This affects an unknown part of the component vsftpd. The manipulation leads to least privilege violation. Attacking locally is a requirement. The complexity of an attack is rather high. The...
CVE-2025-8758 TRENDnet TEW-822DRE vsftpd least privilege violation
A vulnerability was found in TRENDnet TEW-822DRE FW103B02. It has been classified as problematic. This affects an unknown part of the component vsftpd. The manipulation leads to least privilege violation. Attacking locally is a requirement. The complexity of an attack is rather high. The...
CVE-2025-8745
A vulnerability, which was classified as problematic, has been found in Weee RICEPO App 6.17.77 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.ricepo.app. The manipulation leads to improper export of android application components. An...
CVE-2025-8745
CVE-2025-8745 affects Weee RICEPO App 6.17.77 on Android, specifically the com.ricepo.app component. The vulnerability arises from improper export of AndroidManifest.xml handling, enabling a local-attack impact (confidentiality impacted). Exploitation details are publicly disclosed; vendor was co...
CVE-2025-8745 Weee RICEPO App com.ricepo.app AndroidManifest.xml improper export of android application components
A vulnerability, which was classified as problematic, has been found in Weee RICEPO App 6.17.77 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.ricepo.app. The manipulation leads to improper export of android application components. An...
SUSE CVE-2025-8732
A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...
CVE-2025-8735
A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...
DEBIAN-CVE-2025-8735
A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...
UBUNTU-CVE-2025-8735
A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...
CVE-2025-8735
CVE-2025-8735 affects GNU cflow up to 1.8. The flaw is in the Lexer component, specifically the function yylex in the file c.c, where manipulation leads to a null pointer dereference . Exploitation requires local access, and public disclosure of the exploit is noted in the sources. The connected ...
CVE-2025-8735 GNU cflow Lexer c.c yylex null pointer dereference
A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...
CVE-2025-8735
A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...
CVE-2025-8733
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Additional analysis indicates that the files referenced in the stack trace do not exist in Bison...
CVE-2025-8734
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Additional analysis indicates that the files referenced in the stack trace do not exist in Bison...
DEBIAN-CVE-2025-8732
A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...
CVE-2025-8732
A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...