40434 matches found
drm/amd/display: Fix slab-use-after-free in hdcp
...
CVE-2025-46358
Emerson ValveLink products do not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product...
The vulnerability of BitLocker’s data protection function in the Microsoft Windows operating system allows attackers to circumvent existing security restrictions.
The vulnerability of BitLocker’s data protection function in the Microsoft Windows operating system relates to the loading of unreliable external data alongside reliable data. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions...
Emerson ValveLink Products 安全漏洞
Emerson ValveLink Products is a diagnostic software from Emerson USA. A security vulnerability exists in Emerson ValveLink Products, which stems from an inadequate protection mechanism that makes it susceptible to targeted attacks...
SSH-Passkeys: Leveraging Web Authentication for Passwordless SSH
We propose a method for using Web Authentication APIs for SSH authentication, enabling passwordless remote server login with passkeys. These are credentials that are managed throughout the key lifecycle by an authenticator on behalf of the user and offer strong security guarantees. Passwords rema...
Never Trust the Manufacturer, Never Trust the Client: a Novel Method for Streaming STL Files for Secure Additive Manufacturing
While additive manufacturing has opened interesting avenues to reimagine manufacturing as a service MaaS platform, transmission of design files from client to manufacturer over networks opens up many cybersecurity challenges. Securing client's intellectual property IP especially from cyber-attack...
WordPress Sharable Password Protected Posts Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. An information disclosure vulnerability exists in WordPress Sharable Password Protected Posts, which stems from the REST API exposing a key that can be exploited by an...
TOTOLINK N300RB 操作系统命令注入漏洞
The TOTOLINK N300R is a wireless router for home and small office scenarios from Korean networking brand TOTOLINK. The TOTOLINK N300RB suffers from a command injection vulnerability that originates from the remote support feature of static key protection, which can be exploited by an attacker to...
WordPress plugin Premium Age Verification Restriction for WordPress 信任管理问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A trust management issue vulnerability exis...
The vulnerability of the Applitools Eyes plugin in Jenkins automation servers, related to the lack of security measures for website structure protection, allows attackers to perform cross-site scripting attacks.
The vulnerability of the Applitools Eyes plugin in Jenkins automation servers is related to the lack of security measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the Windows GDI component in Microsoft Windows operating systems allows attackers to disclose protected information.
The vulnerability of the Windows GDI component in Microsoft Windows systems is related to a breach of data protection mechanisms. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose protected information...
The vulnerability of BitLocker’s data protection function in the Microsoft Windows operating system allows attackers to circumvent existing security restrictions.
The vulnerability of BitLocker’s data protection function in the Microsoft Windows operating system is related to a breach of the data protection mechanism. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions...
The vulnerability of the trusted execution environment of the Virtualization-Based Security (VBS) Enclave in Microsoft Windows operating systems allows attackers to enhance their privileges.
The vulnerability of the trusted execution environment for the Virtualization-Based Security VBS Enclave in Microsoft Windows operating systems is related to a breach of the data protection mechanism. Exploiting this vulnerability can allow attackers to enhance their privileges...
CVE-2025-46358 Emerson ValveLink Products Protection Mechanism Failure
Emerson ValveLink products do not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product...
CVE-2025-46358 Emerson ValveLink Products Protection Mechanism Failure
Emerson ValveLink products do not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product...
CVE-2025-46358
The CVE-2025-46358 entry concerns Emerson ValveLink products, where the underlying issue is an inadequate protection mechanism that fails to defend against directed attacks. Technical details across connected documents confirm the affected product family and the root cause, with high-severity imp...
SUSE CVE-2025-38298
In the Linux kernel, the following vulnerability has been resolved: EDAC/skxcommon: Fix general protection fault After loading i10nmedac which automatically loads skxedaccommon, if unload only i10nmedac, then reload it and perform error injection testing, a general protection fault may occur: mce...
SUSE CVE-2025-38348
In the Linux kernel, the following vulnerability has been resolved: wifi: p54: prevent buffer-overflow in p54rxeepromreadback Robert Morris reported: |If a malicious USB device pretends to be an Intersil p54 wifi |interface and generates an eepromreadback message with a large |eeprom-v1.len,...
CVE-2025-47984
Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network...
CVE-2025-47159
Protection mechanism failure in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...