ROS-20260615-73-0021
The vulnerability of the xfAppUpdateWindowFromSurface function in the RDP client FreeRDP relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and availability of the protected information...
EUVD-2018-16918
Malware in sbrugna...
The vulnerability of the f_strflocaltime() function in the JQ programming language allows attackers to compromise the availability of protected information
The vulnerability of the f_strflocaltime() function in the JavaScript programming language is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to compromise the availability of protected information...
The vulnerability in the web interface of the software for monitoring social networks on the Cisco Customer Collaboration Platform (formerly Cisco SocialMiner) allows a perpetrator to disclose protected information.
The vulnerability of the web interface of the software for monitoring social networks on the Cisco Customer Collaboration Platform (formerly Cisco SocialMiner) is related to errors in information processing. Exploiting this vulnerability can allow a malicious actor to disclose protected information...
The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the ability to read data beyond the buffer in memory, allowing attackers to disclose protected information.
The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the reading of data beyond the buffer boundaries during file processing for PRC formats. Exploiting this vulnerability can allow attackers to disclose protected...
The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the ability to read data beyond the buffer in memory, allowing attackers to disclose protected information.
The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the reading of data beyond the buffer boundaries in memory during file processing for U3D files. Exploiting this vulnerability can allow attackers to disclose protecte...
Vulnerability of the sja1105_setup() function in the drivers/net/dsa/sja1105/sja1105_main.c module of the Linux kernel’s NXP SJA1105 switch support driver allows a hacker to gain access to protected information.
Vulnerability of the sja1105_setup() function in the drivers/net/dsa/sja1105/sja1105_main.c module of the Linux operating system’s NXP SJA1105 switch support driver is related to improper memory release before deleting the last reference (memory leak). Exploiting this vulnerability can allow an...
Vulnerability of the uss720_probe() function in the drivers/usb/misc/uss720.c module of the Linux kernel’s USB device support driver allows a hacker to gain access to protected information.
Vulnerability of the uss720_probe() function in the drivers/usb/misc/uss720.c module of the Linux kernel’s USB device support driver is related to security-related errors. Exploiting this vulnerability could allow an attacker to gain access to protected information...
The vulnerability of the Call History module in the iPadOS and iOS operating systems allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Call History module in iPadOS and iOS operating systems is related to insufficient protection for sensitive data. Exploiting this vulnerability can allow an attacker who operates remotely to gain unauthorized access to protected information...
The vulnerability of the LockSmtpSettings method in the software for managing and monitoring remote devices in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the LockSmtpSettings method in the software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the...
The vulnerability of the bpf_link_show_fdinfo() function in the kernel/bpf/syscall.c module of the Linux operating system allows an attacker to compromise the confidentiality and availability of the protected information.
The vulnerability of the bpf_link_show_fdinfo() function in the kernel/bpf/syscall.c module of the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and availability of the protected...
PT-2025-19324
Name of the Vulnerable Software and Affected Versions: VideoPlayer2 (affected versions not specified); Synology Router Manager SRM (affected versions not specified). Description: A flaw exists in VideoPlayer2 that could allow authorized remote users to read .srt subtitle files. A security issue in Synolo...
The vulnerability of the Autofill function in Microsoft Edge and Google Chrome browsers allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the Autofill function in Microsoft Edge and Google Chrome browsers is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of the protected information...
The vulnerability of the svc_tcp_listen_data_ready() function in the Linux operating system’s RPC (Remote Procedure Call) kernel implementation allows an attacker to compromise the availability of protected information.
The vulnerability of the svc_tcp_listen_data_ready() function in the net/sunrpc/svcsock.c module, which is part of the Linux operating system’s RPC (Remote Procedure Call) protocol, relates to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability...
The vulnerability of the Fortinet FortiPortal security analysis and management tool lies in the lack of protective measures for the SQL query structure, allowing attackers to disclose protected information.
The vulnerability of the Fortinet FortiPortal security analysis and management tool is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to disclose the protected information...
The vulnerability of the TIPC (Process-to-Process Communication Service) in the Linux operating system allows an attacker to gain access to protected data.
The vulnerability of the TIPC (Process-to-Process Communication Service) in the Linux operating system is related to the lack of initialization for data sent by users. Exploiting this vulnerability can allow attackers to gain access to protected data...
The vulnerability of the cURL command-line utility lies in the lack of protection for service data, allowing attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the command-line tool cURL relates to the installation of “superbug files” in Curl, which are then transmitted back to a larger number of sources. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality and integrity of the protected informati...
The vulnerability of cloud-based data storage software for IBM Watson CP4D Data Stores lies in the lack of encryption measures for protected data, allowing attackers to gain unauthorized access to protected information.
The vulnerability of cloud-based data storage software for IBM Watson CP4D Data Stores lies in the lack of encryption measures for protected data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the macOS operating system’s terminal emulator allows a hacker to disclose protected information.
The vulnerability of the macOS terminal emulator is related to the lack of protection for service data. Exploiting this vulnerability allows a hacker to execute arbitrary control commands...
The vulnerability of the Centralized Third-party Jars component (OkHttp) of the Oracle Access Manager control system allows a hacker to disclose protected information.
The vulnerability of the Centralized Third-party Jars component (OkHttp) in the Oracle Access Manager access control tool is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...