438 matches found
CGA-J785-GC4J-H29V
Bulletin has no description...
MINI-Q43G-GQ7W-M294
Bulletin has no description...
CVE-2025-58475
Improper input validation in libsec-ril.so prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...
CVE-2025-58475
The CVE-2025-58475 entry concerns improper input validation in libsec-ril.so prior to Samsung SMR Dec-2025 Release 1, which allows a local privileged attacker to write out-of-bounds memory. Affected component: libsec-ril.so (pre-December 2025 patch level). Root cause: input validation flaw leadin...
MINI-G88W-HJ6R-4WPX
Bulletin has no description...
CVE-2025-58316
DoS vulnerability in the video-related system service module. Impact: Successful exploitation of this vulnerability may affect availability...
ECHO-FE41-738D-E691
Bulletin has no description...
JLSEC-2025-200 Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by ...
Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information an RSA private key by measuring cache usage during an import...
JLSEC-2025-213 An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS)
An issue was discovered in Mbed TLS before 2.25.0 and before 2.16.9 LTS and before 2.7.18 LTS. A NULL algorithm parameters entry looks identical to an array of REAL size zero and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate...
GNU Transport Layer Security Library 3.8.11
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS 12, OpenPGP, and other...
CVE-2025-59114
Windu CMS is vulnerable to Cross-Site Request Forgery in file uploading functionality. Malicious attacker can craft special website, which when visited by the victim, will automatically send malicious file to the server. Only version 4.1 was tested and confirmed as vulnerable. This issue was fixe...
CVE-2025-48593
In btahfclientcbinit of btahfclientmain.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands are vulnerable to denial of service [CVE-2025-8885], [CVE-2025-8916]
Summary Bouncycastle bcprov is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands are vulnerable to denial of service. This bulletin provides patch information to address the reported...
CVE-2025-48813
Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally...
EUVD-2011-1430
Malware in sbrugna...
EUVD-2021-2753
Malicious code in bioql PyPI...
EUVD-2021-2752
Malicious code in bioql PyPI...
EUVD-2021-2750
Malicious code in bioql PyPI...
EUVD-2021-2751
Malicious code in bioql PyPI...
CVE-2025-9231
CVE-2025-9231 describes a timing side-channel in OpenSSL’s SM2 implementation on 64-bit ARM, which could allow remote recovery of the private key under a custom provider scenario. OpenSSL TLS with SM2 certificates is not common, but the issue is considered Moderate. Connected advisories show affe...