PT-2025-23752

Name of the Vulnerable Software and Affected Versions Android versions prior to SMR Jun-2025 Release 1 Description The issue concerns the improper export of Android application components in Bluetooth, allowing local attackers to make devices discoverable. Recommendations For Android versions pri...

PT-2025-23750

Name of the Vulnerable Software and Affected Versions Fingerprint trustlet versions prior to SMR May-2025 Release 1 Description The issue is an out-of-bounds read in the fingerprint trustlet, allowing local privileged attackers to read out-of-bounds memory. Recommendations For versions prior to S...

PT-2025-23754 · Samsung · Libsecimaging.Camera.Samsung.So

Name of the Vulnerable Software and Affected Versions: libsecimaging.camera.samsung.so versions prior to SMR Jun-2025 Release 1 Description: The issue is an out-of-bounds write that allows local attackers to write out-of-bounds memory. This can be exploited by local attackers. Recommendations: Fo...

JVN#05562338: Improper file access permission settings in PC Time Tracer

PC Time Tracer provided by Keiyo System Co., LTD contains a vulnerability listed below. Incorrect default permissions CWE-276 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 7.0 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Base Score 7.3 CVE-2025-46355 Impact Arbitrary...

CVE-2025-2502

CVE-2025-2502 describes an improper default permissions issue in Lenovo PC Manager that could enable a local attacker to elevate privileges. The event is rated High (CVSSv3.1: Local, Low complexity, Privileges Required: Low, User Interaction: None; Impact on C/I/A: High). Some connected sources r...

CVE-2025-1479

CVE-2025-1479 concerns Lenovo Legion Space: an open debug interface on certain Legion devices could allow a local attacker to execute arbitrary code. The vulnerability is described across multiple feeds (NVD/Red Hat/CVE listings and related advisories) as a local-privilege issue with the debug in...

CVE-2025-5297

A vulnerability, which was classified as critical, has been found in SourceCodester Computer Store System 1.0. This issue affects the function Add of the file main.c. The manipulation of the argument laptopcompany/RAM/Processor leads to stack-based buffer overflow. An attack has to be approached...

CVE-2025-5324 TechPowerUp GPU-Z 0x8000645C IOCTL GPU-Z.sys sub_140001880 memory leak

A vulnerability, which was classified as problematic, was found in TechPowerUp GPU-Z 2.23.0. Affected is the function sub140001880 in the library GPU-Z.sys of the component 0x8000645C IOCTL Handler. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The...

CVE-2025-33043 SMM buffer Integrity

APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Input Validation locally. Successful exploitation of this vulnerability can potentially impact of integrity...

BIT-PYTORCH-2025-3730 PyTorch LossCTC.cpp torch.nn.functional.ctc_loss denial of service

A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed ...

PT-2025-23166 · Aptiov · Aptiov

Name of the Vulnerable Software and Affected Versions: APTIOV affected versions not specified Description: The issue is related to an Improper Input Validation in the BIOS, which can be exploited locally by an attacker. This could potentially impact the integrity of the system. Recommendations: A...

PT-2025-23189 · Techpowerup · Gpu-Z

Name of the Vulnerable Software and Affected Versions: TechPowerUp GPU-Z version 2.23.0 Description: A problematic issue was found in the function sub 140001880 within the GPU-Z.sys library, affecting the 0x8000645C IOCTL Handler component. This issue leads to a memory leak. The attack can be...

CVE-2025-5297

A vulnerability, which was classified as critical, has been found in SourceCodester Computer Store System 1.0. This issue affects the function Add of the file main.c. The manipulation of the argument laptopcompany/RAM/Processor leads to stack-based buffer overflow. An attack has to be approached...

CVE-2025-5297 SourceCodester Computer Store System main.c Add stack-based overflow

A vulnerability, which was classified as critical, has been found in SourceCodester Computer Store System 1.0. This issue affects the function Add of the file main.c. The manipulation of the argument laptopcompany/RAM/Processor leads to stack-based buffer overflow. An attack has to be approached...

CVE-2025-5297

CVE-2025-5297 affects SourceCodester Computer Store System 1.0; the Add function in main.c is vulnerable due to a stack-based buffer overflow when processing the argument laptopcompany/RAM/Processor. The issue requires local access to exploit. Multiple sources confirm the detail and indicate a la...

CVE-2025-5180

A vulnerability, which was classified as critical, has been found in Wondershare Filmora 14.5.16. Affected by this issue is some unknown functionality in the library CRYPTBASE.dll of the file NFWCHK.exe of the component Installer. The manipulation leads to uncontrolled search path. Attacking...

CVE-2025-5175

A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as critical. This affects the function Save of the file pypickle/pypickle.py. The manipulation leads to improper authorization. Attacking locally is a requirement. The exploit has been disclosed to the public and m...

CVE-2025-5173

A vulnerability has been found in HumanSignal label-studio-ml-backend up to 9fb7f4aa186612806af2becfb621f6ed8d9fdbaf and classified as problematic. Affected by this vulnerability is the function load of the file label-studio-ml-backend/labelstudioml/examples/yolo/utils/neuralnets.py of the...

PT-2025-23078 · Sourcecodester · Sourcecodester Computer Store System

Name of the Vulnerable Software and Affected Versions: SourceCodester Computer Store System version 1.0 Description: A critical issue has been found in the SourceCodester Computer Store System. This issue affects the function Add of the file main.c. The manipulation of the argument...

CVE-2025-5245

A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debugtypesamep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been...