4067 matches found
CVE-2025-14517 Yalantis uCrop AndroidManifest.xml UCropActivity improper export of android application components
A vulnerability was determined in Yalantis uCrop 2.2.11. This affects the function UCropActivity of the file AndroidManifest.xml. Executing manipulation can lead to improper export of android application components. The attack can only be executed locally. The exploit has been publicly disclosed...
EulerOS 2.0 SP13 : cmake (EulerOS-SA-2025-2517)
According to the versions of the cmake packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This affects the function cmForEachFunctionBlocker::ReplayItems of the file...
EulerOS 2.0 SP11 : cmake (EulerOS-SA-2025-2457)
According to the versions of the cmake packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This affects the function cmForEachFunctionBlocker::ReplayItems of the file...
EulerOS 2.0 SP11 : binutils (EulerOS-SA-2025-2455)
According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copysection of the file...
EulerOS 2.0 SP13 : binutils (EulerOS-SA-2025-2515)
According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copysection of the file...
CVE-2025-62563
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2025-62463
Null pointer dereference in Windows DirectX allows an authorized attacker to deny service locally...
EUVD-2025-202252
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...
CVE-2025-32328
In multiple functions of Session.java, there is a possible way to view images belonging to a different user of the device due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48638
In pkvmloadtracing of trace.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48632
In setDisplayName of AssociationRequest.java, there is a possible way to cause CDM associations to persist after the user has disassociated them due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is n...
CVE-2025-13876
A security vulnerability has been detected in Rareprob HD Video Player All Formats App 12.1.372 on Android. Impacted is an unknown function of the component com.rocks.music.videoplayer. The manipulation leads to path traversal. The attack needs to be performed locally. The exploit has been...
CVE-2025-13876
A detailed CVE entry concerns Rareprob HD Video Player All Formats App 12.1.372 on Android. The vulnerable component is com.rocks.music.videoplayer, with an unspecified function exploitation that enables path traversal. The attack is local, and public disclosures exist. Multiple connected sources...
EUVD-2025-200135
Improper export of android application components in Galaxy Store for Galaxy Watch prior to version 1.0.06.29 allows local attacker to install arbitrary application on Galaxy Store...
PT-2025-48699
Name of the Vulnerable Software and Affected Versions: Rareprob HD Video Player All Formats App version 12.1.372. Description: A security issue exists in Rareprob HD Video Player All Formats App version 12.1.372 on Android. The issue involves path traversal within the component...
JLSEC-2025-322 A weakness has been identified in LibTIFF 4.7.0
A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited...
JLSEC-2025-323 A flaw has been found in LibTIFF 4.7.0
A flaw has been found in LibTIFF 4.7.0. This affects the function TIFFmallocExt/TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This attack is...
JLSEC-2025-317 A vulnerability was found in LibTIFF up to 4.7.0
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function gethistogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disclosed to the publi...