4835 matches found

RedhatCVE
added 2025/07/28 9:26 p.m., 9 views

CVE-2025-8210

A vulnerability was found in Yeelink Yeelight App up to 3.5.4 on Android. It has been classified as problematic. Affected is an unknown function of the file AndroidManifest.xml of the component com.yeelight.cherry. The manipulation leads to improper export of android application components...

CVSS 5.3, AI score 5.2, EPSS 0.0021
Exploits: 1, References: 1
OSV
added 2025/07/28 4:15 p.m., 3 views

CVE-2025-2297

Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to...

CVSS 7.8, AI score 6, EPSS 0.00127
Exploits: 0, References: 1
Cvelist
added 2025/07/28 3:40 p.m., 7 views

CVE-2025-2297 Privilege Management for Windows - Elevation of Privilege

Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to...

CVSS 7.2, EPSS 0.00127
Exploits: 0, References: 1
OSV
added 2025/07/28 5:16 a.m., 3 views

CVE-2025-8257

A vulnerability classified as problematic was found in Lobby Universe Lobby App up to 2.8.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.maverick.lobby. The manipulation leads to improper export of android application...

CVSS 4.8, AI score 4.7, EPSS 0.002
Exploits: 1, References: 4
CVE
added 2025/07/28 5:2 a.m., 22 views

CVE-2025-8258

Summary of CVE-2025-8258: Affects the Android app “Cool Mo Maigcal Number App” (version up to 1.0.3) and its AndroidManifest.xml handling for component com.sdmagic.number. The vulnerability allows improper export of Android components via a local attack path. Exploitation is indicated as publicl...

CVSS 5.3, AI score 7.1, EPSS 0.002
Exploits: 1, References: 4, Affected Software: 1
Cvelist
added 2025/07/28 5:2 a.m., 9 views

CVE-2025-8258 Cool Mo Maigcal Number App com.sdmagic.number AndroidManifest.xml improper export of android application components

A vulnerability, which was classified as problematic, has been found in Cool Mo Maigcal Number App up to 1.0.3 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.sdmagic.number. The manipulation leads to improper export of android...

CVSS 5.3, EPSS 0.002
Exploits: 1, References: 4
RedhatCVE
added 2025/07/28 4:32 a.m., 2 views

CVE-2025-8176

A flaw was found in libtiff. The gethistogram function in file/tiffmedian.c exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial o...

CVSS 7.8, AI score 5, EPSS 0.00238
Exploits: 1, References: 10
OSV
added 2025/07/27 8:15 a.m., 8 views

AZL-65960 CVE-2025-8225 affecting package binutils for versions less than 2.37-17

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function processdebuginfo of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patc...

CVSS 4.8, AI score 5.1, EPSS 0.00223
Exploits: 1, References: 1
OSV
added 2025/07/27 8:15 a.m., 2 views

DEBIAN-CVE-2025-8225

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function processdebuginfo of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patc...

CVSS 4.8, AI score 4.2, EPSS 0.00223
Exploits: 1, References: 1
OSV
added 2025/07/27 8:15 a.m., 6 views

AZL-65955 CVE-2025-8225 affecting package binutils for versions less than 2.41-9

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function processdebuginfo of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patc...

CVSS 4.8, AI score 5.2, EPSS 0.00223
Exploits: 1, References: 1
NVD
added 2025/07/26 9:15 p.m., 3 views

CVE-2025-8210

A vulnerability was found in Yeelink Yeelight App up to 3.5.4 on Android. It has been classified as problematic. Affected is an unknown function of the file AndroidManifest.xml of the component com.yeelight.cherry. The manipulation leads to improper export of android application components...

CVSS 5.3, EPSS 0.0021
Exploits: 1, References: 4
OSV
added 2025/07/26 4:16 a.m., 3 views

CVE-2025-8176

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function gethistogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disclosed to the publi...

CVSS 7.8, AI score 7.1
Exploits: 0, References: 7
OSV
added 2025/07/26 4:16 a.m., 1 view

DEBIAN-CVE-2025-8176

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function gethistogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disclosed to the publi...

CVSS 7.8, AI score 5.2, EPSS 0.00238
Exploits: 1, References: 1
OSV
added 2025/07/26 4:16 a.m., 2 views

UBUNTU-CVE-2025-8177

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It...

CVSS 7.8, AI score 5.5, EPSS 0.00271
Exploits: 1, References: 6
Cvelist
added 2025/07/26 4:2 a.m., 7 views

CVE-2025-8177 LibTIFF thumbnail.c setrow buffer overflow

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It...

CVSS 5.3, EPSS 0.00271
Exploits: 1, References: 7
CVE
added 2025/07/26 4:2 a.m., 59 views

CVE-2025-8177

CVE-2025-8177 affects LibTIFF up to 4.7.0. The issue is in the function setrow (tools/thumbnail.c) and leads to a buffer overflow. Local attack is required. The patch (e8c9d6c616b19438695fd829e58ae4fde5bfbc22) fixes this issue; affected deployments note the maintainer has dropped support for some...

CVSS 7.8, AI score 5.4, EPSS 0.00271
Exploits: 1, References: 7, Affected Software: 1
Cvelist
added 2025/07/26 3:32 a.m., 9 views

CVE-2025-8176 LibTIFF tiffmedian.c get_histogram use after free

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function gethistogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disclosed to the publi...

CVSS 5.3, EPSS 0.00238
Exploits: 1, References: 7
ATTACKERKB
added 2025/07/24 10:30 p.m., 4 views

CVE-2025-22165

This Medium severity ACE Arbitrary Code Execution vulnerability was introduced in version 4.2.8 of Sourcetree for Mac. This ACE Arbitrary Code Execution vulnerability, with a CVSS Score of 5.9, allows a locally authenticated attacker to execute arbitrary code which has high impact to...

CVSS 7.3, AI score 6.1, EPSS 0.0013
Exploits: 0, References: 2
Zero Day Initiative
added 2025/07/24 12:0 a.m., 3 views

Veeam Agent for Microsoft Windows Incorrect Default Permissions Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Veeam Agent for Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within th...

CVSS 7.8, AI score 7.5, EPSS 0.00228
Exploits: 0, References: 1
Zero Day Initiative
added 2025/07/24 12:0 a.m., 2 views

(Pwn2Own) Red Hat Enterprise Linux CBS Packet Scheduling Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Red Hat Enterprise Linux. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...

CVSS 8.8, AI score 7.5, EPSS 0.0018
Exploits: 0, References: 1