1823 matches found
CVE-2025-20356
A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...
CVE-2025-20356 Cisco CyberVision Center Sensor Explorer Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...
CVE-2025-20356
Cisco Cyber Vision Center's web-based management interface contains a stored XSS vulnerability. An authenticated attacker with valid admin credentials (Sensor Explorer page access) can inject malicious script into specific interface pages, leading to execution of script in the user’s browser and ...
CVE-2025-20356 Cisco CyberVision Center Sensor Explorer Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...
Cisco Cyber Vision Center Stored Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. These vulnerabilities exist because the web-based management interface of an...
PT-2025-40266
Name of the Vulnerable Software and Affected Versions Cisco Cyber Vision Center affected versions not specified Description A flaw exists in the web-based management interface of Cisco Cyber Vision Center that could permit an authenticated, remote attacker to perform cross-site scripting XSS...
Environmental Rate Manipulation Attacks on Power Grid Security
The growing complexity of global supply chains has made hardware Trojans a significant threat in sensor-based power electronics. Traditional Trojan designs depend on digital triggers or fixed threshold conditions that can be detected during standard testing. In contrast, we introduce Environmenta...
Linux Distros Unpatched Vulnerability : CVE-2025-43356
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved handling of caches. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS...
SUSE CVE-2025-43356
The issue was addressed with improved handling of caches. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A website may be able to access sensor information without user consent...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free via improper handling of caches. An attacker can obtain unauthorized access to sensor information by tricking a user into visiting a malicious website. This is only exploitable if the system is configured with certain...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free via improper handling of caches. An attacker can obtain unauthorized access to sensor information by tricking a user into visiting a malicious website. This is only exploitable if the system is configured with certain...
Seeing Is Deceiving: Mirror-Based LiDAR Spoofing for Autonomous Vehicle Deception
Autonomous vehicles AVs rely heavily on LiDAR sensors for accurate 3D perception. We show a novel class of low-cost, passive LiDAR spoofing attacks that exploit mirror-like surfaces to inject or remove objects from an AV's perception. Using planar mirrors to redirect LiDAR beams, these attacks...
CVE-2025-57625
CYRISMA Sensor before 444 for Windows has an Insecure Folder and File Permissions vulnerability. A low-privileged user can abuse these issues to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM by replacing DataSpotliteAgent.exe or any other binaries called by...
Multiple Apple Products Information Disclosure Vulnerability (CNVD-2025-22676)
Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems.Apple iOS is an operating system developed for mobile devices.Apple tvOS is a smart TV operating system. An information disclosure vulnerability exists in a number of Apple products,...
SUSE CVE-2023-53242
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/hisi: Drop second sensor hi3660 The commit 74c8e6bffbe1 "driver core: Add allocsize hint to devm allocators" exposes a panic "BRK handler: Fatal exception" on the hi3660thermalprobe funciton. This is because the...
SUSE CVE-2023-53336
In the Linux kernel, the following vulnerability has been resolved: media: ipu-bridge: Fix null pointer deref on SSDB/PLD parsing warnings When ipubridgeparserotation and ipubridgeparseorientation run sensor-adev is not set yet. So if either of the devwarn calls about unknown values are hit this...
CVE-2025-43356
A flaw was found in WebKitGTK. A malicious website can obtain access to sensor information without user consent due to improper handling of caches. Mitigation Do not visit untrusted websites. Also, do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the...
CVE-2023-53336
In the Linux kernel, the following vulnerability has been resolved: media: ipu-bridge: Fix null pointer deref on SSDB/PLD parsing warnings When ipubridgeparserotation and ipubridgeparseorientation run sensor-adev is not set yet. So if either of the devwarn calls about unknown values are hit this...
DEBIAN-CVE-2023-53336
In the Linux kernel, the following vulnerability has been resolved: media: ipu-bridge: Fix null pointer deref on SSDB/PLD parsing warnings When ipubridgeparserotation and ipubridgeparseorientation run sensor-adev is not set yet. So if either of the devwarn calls about unknown values are hit this...
UBUNTU-CVE-2023-53336
In the Linux kernel, the following vulnerability has been resolved: media: ipu-bridge: Fix null pointer deref on SSDB/PLD parsing warnings When ipubridgeparserotation and ipubridgeparseorientation run sensor-adev is not set yet. So if either of the devwarn calls about unknown values are hit this...