CVE-2025-20740

In wlan STA driver, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00435337; Issue ID: MSV-4036...

CVE-2025-36083 Multiple Vulnerabilities in IBM Concert Software.

IBM Concert Software 1.0.0 through 2.0.0 could allow a local user to obtain sensitive information from buffers due to improper clearing of heap memory before release...

SUSE CVE-2025-59956

AgentAPI is an HTTP API for Claude Code, Goose, Aider, Gemini, Amp, and Codex. Versions 0.3.3 and below are susceptible to a client-side DNS rebinding attack when hosted over plain HTTP on localhost. An attacker can gain access to the /messages endpoint served by the Agent API. This allows for th...

Windows Push Notification Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally...

Microsoft Failover Cluster Virtual Driver Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Microsoft Failover Cluster Virtual Driver allows an authorized attacker to disclose information locally...

EUVD-2025-34168

In gnss driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09920036; Issue ID: MSV-3798...

CVE-2025-20722

In gnss driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09920036; Issue ID: MSV-3798...

PT-2025-41878

Name of the Vulnerable Software and Affected Versions gnss driver affected versions not specified Description An out-of-bounds read issue exists in the gnss driver due to an integer overflow. Successful exploitation could lead to local information disclosure, requiring an attacker to already...

EUVD-2025-34071

llama-index has Insecure Temporary File...

CVE-2025-7707 World-Writable NLTK Cache Directory Vulnerability in run-llama/llama_index

The llamaindex library version 0.12.33 sets the NLTK data directory to a subdirectory of the codebase by default, which is world-writable in multi-user environments. This configuration allows local users to overwrite, delete, or corrupt NLTK data files, leading to potential denial of service, dat...

CVE-2025-21050

CVE-2025-21050 affects Samsung Mobile devices in the Contacts component prior to SMR Oct-2025 Release 1. The root cause is improper input validation, enabling a local attacker to access data across multiple user profiles. Impact is confidentiality-focused (high), with local, low-complexity access...

EUVD-2025-33682

Improper access control in SecSettings prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability...

EUVD-2021-19392

Malware in sbrugna...

EUVD-2020-1777

Malware in sbrugna...

EUVD-2010-2479

Malware in sbrugna...

EUVD-2018-16904

Malware in sbrugna...

EUVD-2018-2694

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414539)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414539 advisory. A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that functio...

EUVD-2025-18217

Malicious code in bioql PyPI...

EUVD-2023-35099

Malicious code in bioql PyPI...