The vulnerability of C/C++ Libstb libraries, related to writing beyond buffer boundaries, allows attackers to gain access to protected information.

The vulnerability of the C/C++ Libstb library lies in the writing beyond buffer boundaries. Exploiting this vulnerability can allow an attacker to gain access to protected information...

CVE-2025-20938

Improper access control in SamsungContacts prior to SMR Apr-2025 Release 1 allows local attackers to access protected data in SamsungContacts...

CVE-2025-20938

Improper access control in SamsungContacts prior to SMR Apr-2025 Release 1 allows local attackers to access protected data in SamsungContacts...

CVE-2025-20938

Summary: CVE-2025-20938 affects SamsungContacts. The issue is an improper access control that lets local attackers access protected data. Affected are SamsungContacts versions prior to SMR Apr-2025 Release 1. The vendor indicates remediation via a security update; users should apply SMR Apr-2025 ...

CVE-2025-20938

Improper access control in SamsungContacts prior to SMR Apr-2025 Release 1 allows local attackers to access protected data in SamsungContacts...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices versions prior to SMR Apr-2025 Release 1, which stems from improper access control and could...

The vulnerability of the BFS file system of the Grub2 operating system, which allows a hacker to disclose protected information

The vulnerability of the BFS file system of the Grub2 operating system is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of the SIEM system testing tool Kraken Stress Testing Toolkit lies in the incorrect restriction on the path name to the catalog, which allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the SIEM systems’ load testing tools, such as the Kraken Stress Testing Toolkit, is related to incorrect restrictions on the path name to the catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected...

The vulnerability of the web interface of the “Central Medical Imaging Archive” information system, due to deficiencies in access control, allows unauthorized access to protected information.

The vulnerability of the web interface of the “Central Archive of Medical Images” information system is related to deficiencies in encryption mechanisms. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality and accessibility of the protected...

The vulnerability of the modTMSM component in the Trend Micro Apex Central security monitoring and management tool allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the modTMSM component in the Trend Micro Apex Central security management and monitoring tool is related to insufficient checking of incoming requests. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

Vulnerability of software for modeling, design, and drawing in AutoCAD, related to reading data outside the buffer in memory, allowing a perpetrator to cause service failures and gain unauthorized access to protected information

The vulnerability of software for modeling, design, and drawing in AutoCAD is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause system failures and gain unauthorized access to protected information using a specially create...

The vulnerability of the BmpInput::read_native_scanline() function in the src/bmp.imageio/bmpinput.cpp module of the OpenImageIO library allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the BmpInput::readnativescanline function in the src/bmp.imageio/bmpinput.cpp module of the OpenImageIO library is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

The vulnerability of the IBM Common Cryptographic Architecture (CCA) cryptographic platform, which arises from information disclosure due to incompatibilities, allows attackers to gain unauthorized access to protected information.

The vulnerability of the IBM Common Cryptographic Architecture CCA lies in the ability to disclose information through incompatibility. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the HeaderHandler component in the Java framework of Apache Camel allows a attacker to compromise the integrity and accessibility of the protected information.

The vulnerability of the Header Handler component in the Java framework Apache Camel is related to the lack of measures taken to neutralize internal special elements. Exploiting this vulnerability allows a remote attacker to compromise the integrity and accessibility of the protected information...

Vulnerability of the path_init() function in the drivers/interconnect/core.c module – The Linux kernel interconnect driver allows a hacker to gain access to protected information or cause service failures.

Vulnerability of the pathinit function in the drivers/interconnect/core.c module – The Linux kernel interconnect driver has vulnerabilities in its code. Exploiting this vulnerability could allow an attacker to access protected information or cause service failures...

The vulnerability of the bpf_link_show_fdinfo() function in the kernel/bpf/syscall.c module of the Linux operating system allows a attacker to compromise the confidentiality and accessibility of the protected information.

The vulnerability of the bpflinkshowfdinfo function in the kernel/bpf/syscall.c module of the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of the protected...

CVE-2025-30461

An access issue was addressed with additional sandbox restrictions on the system pasteboards. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...

CVE-2025-24278

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access protected user data...

CVE-2025-24239

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...

CVE-2025-24181

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access protected user data...