1399 matches found
CVE-2025-48651
In importWrappedKey of KMKeymasterApplet.java, there is a possible way access keys that should be restricted due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-71220
In the Linux kernel, the following vulnerability has been resolved: smb/server: call ksmbdsessionrpcclose on error path in createsmb2pipe When ksmbdiovpinrsp fails, we should call ksmbdsessionrpcclose...
CVE-2026-23080
In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: mcbausbreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In mcbausbprobe - mcbausbstart, the URBs for USB-in transfe...
CVE-2025-71113
A flaw was found in the Linux kernel's crypto AFALG subsystem. Memory allocated via sockkmalloc for crypto user API contexts is not zero-initialized, leaving fields with garbage values. Specifically, the 'inflight' variable can contain random data, causing afalgallocareq to spuriously return -EBU...
CVE-2025-39806
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in report descriptor smaller than 607 bytes. mtreportfixup attempts to patch...
Hostel Management System hostel_manage.exe file improper authentication vulnerability
Hostel Management System is a hostel management system. Hostel Management System suffers from an improper authentication vulnerability that originates from a misbehavior of the file hostelmanage.exe that results in improper authentication, no details of the vulnerability are available at this tim...
Intel Converged Security and Management Engine 安全漏洞
The Intel Converged Security and Management Engine is Intel's microcontroller embedded in the chipset to provide system management, security and low-power features. A competitive condition vulnerability exists in Intel Converged Security and Management Engine, and no detailed vulnerability detail...
WeGIA Cross-Site Scripting Vulnerability (CNVD-2025-17254)
WeGIA is a web manager for welfare organizations. WeGIA suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the precadastroatendido.php endpoint, for which no detailed vulnerability details are currently available...
CVE-2025-50089
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 9.0.0-9.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks ...
Unspecified Vulnerability in Automated Voting System
Automated Voting System is an automated voting system. Automated Voting System suffers from an unspecified vulnerability that stems from susceptibility to direct request attacks. No details of the vulnerability are available at this time...
Tenable Agent 安全漏洞
Tenable Agent is a vulnerability scanning program from Tenable USA. Tenable Agent suffers from a code execution vulnerability that originates from a non-administrative user being able to execute code with SYSTEM privileges. No details of the vulnerability are provided at this time...
QNAP QHora 授权问题漏洞
The QNAP QHora is a router from the Taiwan, China-based company Qualicom Technology QNAP. QNAP QHora has an authorization issue vulnerability that stems from improper authentication, and no detailed vulnerability details are available at this time...
CVE-2025-5268
No description is available for this CVE...
Tenda FH451 安全漏洞
The Tenda FH451 is a router from the Chinese company Tenda. The Tenda FH451 suffers from a code execution vulnerability that stems from the formSafeEmailFilter function failing to properly filter special elements of the constructed snippet. No details of the vulnerability are available at this ti...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from the Chinese company Huawei. Huawei HarmonyOS suffers from a process-resident vulnerability. No details of the vulnerability are available at this time...
Moodle 安全漏洞
Moodle is a free e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from a security vulnerability that stems from the need for additional checks to ensure that users only have access to authorized grou...
WAVLINK AC3000 访问控制错误漏洞
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 is vulnerable to an access control error vulnerability that stems from a firmware update. No details of the vulnerability are available at this time...
PT-2025-43692
Name of the Vulnerable Software and Affected Versions gi-docgen affected versions not specified Description The description does not provide details about the nature of the issue, affected devices, or real-world incidents. Recommendations At the moment, there is no information about a newer versi...
PT-2025-2338 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The issue is related to a rejected CVE record due to non-compliance with CNA rules, as it has not been used. No further details are provided abo...
PT-2025-2343 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The issue is related to a rejected CVE record due to non-compliance with CNA rules, as it has not been used. No further details are provided abo...