DEBIAN-CVE-2025-11839

A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tgtagtype of the file prdbg.c. Performing a manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks...

CVE-2025-11839 GNU Binutils prdbg.c tg_tag_type return value

A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tgtagtype of the file prdbg.c. Performing a manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks...

CVE-2025-11839 GNU Binutils prdbg.c tg_tag_type return value

A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tgtagtype of the file prdbg.c. Performing a manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks...

CVE-2025-11839

CVE-2025-11839 affects GNU Binutils 2.45, with the vulnerable code path in tg_tag_type inside prdbg.c. The issue results from an unchecked return value, enabling a local attacker to exploit it. Multiple connected sources corroborate a locally exploitable flaw and indicate that an exploit has been...

TencentOS Server 4: fio (TSSA-2025:0751)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0751 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2025-22832

APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. Successful exploitation of this vulnerability may lead to data corruption and loss of availability...

CVE-2025-20717

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00419946; Issue ID: MSV-358...

CVE-2025-33044

APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local means. Successful exploitation of this vulnerability may lead to memory corruption and impact Integrity and Availability...

CVE-2025-22831

APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. Successful exploitation of this vulnerability may lead to data corruption and loss of availability...

CVE-2025-33044

APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local means. Successful exploitation of this vulnerability may lead to memory corruption and impact Integrity and Availability...

CVE-2025-11666

A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the file forceupgrade.sh of the component Firmware Update Handler. Executing manipulation of the argument currentforceupgradepwd can lead to use of hard-coded password. The attack can only be executed...

PT-2025-41921

Name of the Vulnerable Software and Affected Versions APTIOV affected versions not specified Description APTIOV BIOS contains a flaw that allows a local attacker to trigger an Out-of-bounds Write. Successful exploitation of this issue may result in data corruption and a loss of system availabilit...

CVE-2025-11649

A vulnerability was found in Tomofun Furbo 360 and Furbo Mini. The affected element is an unknown function of the component Root Account Handler. Performing manipulation results in use of hard-coded password. The attack must be initiated from a local position. The attack is considered to have hig...

EUVD-2025-34055

A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the file forceupgrade.sh of the component Firmware Update Handler. Executing manipulation of the argument currentforceupgradepwd can lead to use of hard-coded password. The attack can only be executed...

CVE-2025-11666 Tenda RP3 Pro Firmware Update force_upgrade.sh hard-coded password

A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the file forceupgrade.sh of the component Firmware Update Handler. Executing manipulation of the argument currentforceupgradepwd can lead to use of hard-coded password. The attack can only be executed...

PT-2025-41760

Name of the Vulnerable Software and Affected Versions Tenda RP3 Pro versions through 22.5.7.93 Description A security issue exists in Tenda RP3 Pro up to version 22.5.7.93, specifically within the Firmware Update Handler component. Manipulation of the current force upgrade pwd argument in the for...

CVE-2025-11649

CVE-2025-11649 affects Tomofun Furbo 360 and Furbo Mini. The vulnerability ties to an unknown function in the Root Account Handler that, when manipulated, reveals a hard-coded password. Exploitation requires local access and is described as high complexity with low privileges and no user interact...

CVE-2025-11645 Tomofun Furbo Mobile App Authentication Token sensitive information

A security vulnerability has been detected in Tomofun Furbo Mobile App up to 7.57.0a on Android. This affects an unknown part of the component Authentication Token Handler. The manipulation leads to insecure storage of sensitive information. It is possible to launch the attack on the physical...

SUSE CVE-2025-11494

A vulnerability was found in GNU Binutils 2.45. Impacted is the function bfdx86elflatesizesections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Th...

SUSE CVE-2025-11495

A vulnerability was determined in GNU Binutils 2.45. The affected element is the function elfx8664relocatesection of the file elf64-x86-64.c of the component Linker. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclos...