AZL-66122 CVE-2025-3770 affecting package hvloader for versions less than 1.0.1-14
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability...
AZL-66119 CVE-2025-3770 affecting package edk2 for versions less than 20230301gitf80f052277c8-43
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability...
DEBIAN-CVE-2025-3770
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability...
UBUNTU-CVE-2025-3770
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability...
CVE-2025-53544
Trilium Notes is an open-source, cross-platform hierarchical note taking application with focus on building large personal knowledge bases. In versions below 0.97.0, a brute-force protection bypass in the initial sync seed retrieval endpoint allows unauthenticated attackers to guess the login...
RL-MoE: an Image-Based Privacy Preserving Approach in Intelligent Transportation System
The proliferation of AI-powered cameras in Intelligent Transportation Systems (ITS) creates a severe conflict between the need for rich visual data and the fundamental right to privacy. Existing privacy-preserving mechanisms, such as blurring or encryption, are often insufficient, creating an...
EDK2 Security Vulnerability
EDK2 is a set of cross-platform firmware development environments based on UEFI and PI specifications from the Tianocore community. A security vulnerability exists in EDK2 that stems from a failure of protection mechanisms in the BIOS, which could lead to the execution of arbitrary code by a loca...
CVE-2025-54394
Netwrix Directory Manager (formerly Imanami GroupID)
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
Linux Distros Unpatched Vulnerability : CVE-2021-20191
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those...
Linux Distros Unpatched Vulnerability : CVE-2024-42250
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll...
Linux Distros Unpatched Vulnerability : CVE-2024-11694
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP frame-src bypass and DOM-based XSS through the Google SafeFrame shim in the Web...
Linux Distros Unpatched Vulnerability : CVE-2022-49760
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix PTE marker handling in hugetlb_change_protection Patch series mm/hugetlb:...
Linux Distros Unpatched Vulnerability : CVE-2025-21889
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: perf/core: Add RCU read lock protection to perf_iterate_ctx The perf_iterate_ctx function perfor...
CVE-2025-36020
IBM Guardium Data Protection could allow a remote attacker to obtain sensitive information due to cleartext transmission of sensitive credential information...
CVE-2025-36020
CVE-2025-36020 affects IBM Guardium Data Protection. According to the connected IBM bulletin, the issue enables information disclosure due to cleartext transmission of sensitive credential information. Affected versions are IBM Guardium Data Protection 11.5, 12.0, and 12.1. The bulletin recommend...
Brave Desktop 1.81.131 Security Fixes
Added clickjacking protection on DDNS interstitials as reported on HackerOne by newfunction. - Fixed inactive split view tab displaying a permission prompt as reported on HackerOne by frozzipies. Upgraded Chromium to 139.0.7258.66 — refer to Google Chrome advisories for inherited CVEs...
Brave Android 1.81.131 Security Fixes
Added clickjacking protection on DDNS interstitials as reported on HackerOne by newfunction. Upgraded Chromium to 139.0.7258.66 — refer to Google Chrome advisories for inherited CVEs...
CVE-2025-54615
Vulnerability of insufficient information protection in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...