CVE-2026-44069 Integer underflow in volxlate

An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local privileged user to obtain limited information, modify limited data, or cause a minor service disruption via crafted volume translation input...

CVE-2025-54510

A missing lock verification in AMD Secure Processor ASP firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routing on some Zen 5-based products, potentially compromising guest system integrity...

CVE-2025-54510

The connected documents confirm CVE-2025-54510 affects AMD Zen 5 (and related platforms) via a missing lock verification in the AMD Secure Processor (ASP) firmware that can allow a locally authenticated, high-privilege attacker to alter MMIO routing during boot/init, potentially compromising gues...

CVE-2025-54510

A missing lock verification in AMD Secure Processor ASP firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routing on some Zen 5-based products, potentially compromising guest system integrity...

CVE-2026-20104

A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series Switches, and Cisco IE3500 and IE3505 Rugged Series Switches could allow an authenticated, local...

CVE-2025-27708

Out-of-bounds read in the firmware for some IntelR Converged Security and Management Engine CSME Firmware FW within Ring 0: Kernel may allow an information disclosure. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...

CVE-2025-27708

Out-of-bounds read in the firmware for some IntelR Converged Security and Management Engine CSME Firmware FW within Ring 0: Kernel may allow an information disclosure. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...

CVE-2025-27243

Out-of-bounds write in the firmware for some IntelR Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result m...

CVE-2026-22277

Dell UnityVSA, versions 5.4 and prior, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root...

CVE-2025-21071

Out-of-bounds write in handling opcode in fingerprint trustlet prior to SMR Nov-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...

CVE-2025-45375

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Stack-based Buffer...

EUVD-2025-24531

Malicious code in bioql PyPI...

EUVD-2025-13698

Malicious code in bioql PyPI...

CVE-2025-4410

A buffer overflow vulnerability exists in the module SetupUtility. An attacker with local privileged access can exploit this vulnerability by executeing arbitrary code...

CVE-2025-4410

A buffer overflow vulnerability exists in the module SetupUtility. An attacker with local privileged access can exploit this vulnerability by executeing arbitrary code...

CVE-2025-4410

CVE-2025-4410 describes a buffer overflow in the SetupUtility module. Multiple sources (NVD/NVD-derived records, Red Hat advisory, CVE lists, and related enrichment) indicate a local-privilege path to arbitrary code execution: an attacker with local high privileges can exploit the issue to run co...

CVE-2025-4410 SetupUtility: A buffer overflow vulnerability leads to arbitrary code execution.

A buffer overflow vulnerability exists in the module SetupUtility. An attacker with local privileged access can exploit this vulnerability by executeing arbitrary code...

Filez 安全漏洞

Filez is an enterprise-grade file management platform from the Chinese company Filez. A security vulnerability exists in Filez that stems from an authentication bypass vulnerability that could lead to local privileged users accessing application data...

SAMSUNG SMR 安全漏洞

SAMSUNG SMR is a system patch package from the South Korean company Samsung SAMSUNG. It provides patches for Samsung cell phone applications. A security vulnerability exists in versions prior to SAMSUNG SMR May-2025 Release 1, which stems from improper access control and could allow a locally...

CVE-2024-6916

A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties in cleartext within a terminal using the '--show-inputs-only' flag...