4835 matches found
CVE-2025-7883 Eluktronics Control Center Powershell Script Command command injection
A vulnerability classified as critical has been found in Eluktronics Control Center 5.23.51.41. Affected is an unknown function of the file \AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to command injection. Attacking locally is a...
CVE-2025-7883
CVE-2025-7883 affects Eluktronics Control Center 5.23.51.41. A vulnerability in the Powershell Script Handler’s file path AiStoneService\MyControlCenter\Command enables local command injection. Exploitation requires local access; the exploit has been disclosed publicly. The root cause involves an...
OESA-2025-1851 ncurses security update
The ncurses new curses library is a free software emulation of curses in System V Release 4.0 SVr4, and more. It uses terminfo format, supports pads and color and multiple highlights and forms characters and function-key mapping, and has all the other SVr4-curses enhancements over BSD curses. SVr...
CVE-2025-5344 Exposed AIDL service allowing for tampering of system secure settings in Bluebird kiosk application
Bluebird devices contain a pre-loaded kiosk application. This application exposes an unsecured service provider "com.bluebird.kiosk.launcher.IpartnerKioskRemoteService". A local attacker can bind to the AIDL-type service to modify device's global settings and wallpaper image. This issue affects a...
PT-2025-29943 · Lenovo · Lenovo Vantage
Name of the Vulnerable Software and Affected Versions: Lenovo Vantage affected versions not specified Description: Lenovo Vantage contains an improper validation issue that may allow a local attacker to execute code with elevated permissions by modifying an application configuration file...
CVE-2025-7485
A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngaprecvhandler/s1aprecvhandler/recvhandler of the component SCTP Partial Message Handler. The manipulation leads to reachable assertion. The attack needs to be approached...
DEBIAN-CVE-2025-7546
A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfdelfsetgroupcontents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has bee...
CVE-2025-7545
A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copysection of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the publ...
CVE-2025-7545
A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copysection of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the publ...
CVE-2025-7545
A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copysection of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the publ...
CVE-2025-7485
CVE-2025-7485 affects Open5GS up to 2.7.3. The vulnerability lies in the SCTP Partial Message Handler, specifically the ngap_recv_handler/s1ap_recv_handler/recv_handler functions, where input manipulation leads to a reachable assertion. Exploitation requires local access. The patch cfa44575020f3f...
CVE-2025-7485 Open5GS SCTP Partial Message recv_handler assertion
A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngaprecvhandler/s1aprecvhandler/recvhandler of the component SCTP Partial Message Handler. The manipulation leads to reachable assertion. The attack needs to be approached...
CVE-2025-7485 Open5GS SCTP Partial Message recv_handler assertion
A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngaprecvhandler/s1aprecvhandler/recvhandler of the component SCTP Partial Message Handler. The manipulation leads to reachable assertion. The attack needs to be approached...
CVE-2025-47182
Improper input validation in Microsoft Edge Chromium-based allows an authorized attacker to bypass a security feature locally...
CVE-2025-47182
Improper input validation in Microsoft Edge Chromium-based allows an authorized attacker to bypass a security feature locally...
CVE-2025-53503
Trend Micro Cleaner One Pro is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own...
CVE-2025-52473 liboqs secret-dependent branching in HQC reference implementation when compiled with Clang 17-20
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Multiple secret-dependent branches have been identified in the reference implementation of the HQC key encapsulation mechanism when it is compiled with Clang for optimization levels...
CVE-2025-47991
Use after free in Microsoft Input Method Editor IME allows an authorized attacker to elevate privileges locally...
CVE-2025-49684
Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally...
CVE-2025-47982
Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally...