Lucene search
K

2260 matches found

CNNVD
CNNVD
added 2025/12/17 12:0 a.m.5 views

Amazon AWS SDK for PHP 安全漏洞

Amazon AWS SDK for PHP is a software development kit for Amazon Web Services based on the PHP platform from Amazon.com, USA. A security vulnerability exists in Amazon AWS SDK for PHP that stems from a lack of cryptographic key commitment, which could cause a user with write access to the S3 stora...

6CVSS6.5AI score0.00176EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.7 views

PT-2025-51882

Name of the Vulnerable Software and Affected Versions AWS SDK for PHP versions prior to 3.368.0 Description A missing cryptographic key commitment in the AWS SDK for PHP could allow a user with write access to an S3 bucket to introduce a new Encryption Data Key EDK that decrypts to different...

6CVSS6.3AI score0.00176EPSS
Exploits0References7
OSV
OSV
added 2025/12/15 7:15 a.m.4 views

CVE-2025-14022

LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financial SDK. The SDK interfered with the application's network processing, causing server certificate verification to be disabled for a significant portion of netwo...

6.8CVSS5.8AI score0.00161EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/15 12:0 a.m.5 views

PT-2025-51206

LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financial SDK. The SDK interfered with the application's network processing, causing server certificate verification to be disabled for a significant portion of netwo...

7.7CVSS6.6AI score0.00161EPSS
Exploits0References2
CNVD
CNVD
added 2025/12/15 12:0 a.m.4 views

Adobe DNG Software Development Kit (SDK) Input Validation Error Vulnerability

Adobe DNG Software Development Kit SDK is a software development kit from the American company Audobee Adobe. An input validation error vulnerability exists in Adobe DNG Software Development Kit SDK, which can be exploited by an attacker to execute arbitrary code on a system or cause an applicati...

7.8CVSS6.3AI score0.00172EPSS
Exploits4References1
CVE
CVE
added 2025/12/10 9:46 p.m.16 views

CVE-2025-66033

CVE-2025-66033 affects Okta Java Management SDK (versions 21.0.0–24.0.0). The issue involves improper thread cleanup in multithreaded use of the ApiClient, which can cause memory issues and, under sustained load, degrade performance and availability and may lead to a denial-of-service. Red Hat/Re...

5.3CVSS6.3AI score0.00228EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2025/12/09 6:16 p.m.6 views

CVE-2025-64783

DNG SDK versions 1.7.0 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00172EPSS
Exploits4References1
NVD
NVD
added 2025/12/09 6:16 p.m.5 views

CVE-2025-64894

DNG SDK versions 1.7.0 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this issue to cause the application to crash or become unresponsive. Exploitation of this issue requires user interaction ...

5.5CVSS0.00141EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 5:41 p.m.4 views

CVE-2025-64893 DNG SDK | Out-of-bounds Read (CWE-125)

DNG SDK versions 1.7.0 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure or application denial of service. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user...

7.1CVSS5.7AI score0.00147EPSS
Exploits5References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.3 views

PT-2025-50131

Name of the Vulnerable Software and Affected Versions DNG SDK versions 1.7.0 and earlier Description The DNG SDK is affected by an Integer Overflow or Wraparound issue. Successful exploitation could lead to arbitrary code execution with the privileges of the current user. User interaction is...

7.8CVSS7.4AI score0.00172EPSS
Exploits4References7
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.5 views

PT-2025-50132

Name of the Vulnerable Software and Affected Versions DNG SDK versions 1.7.0 and earlier Description The DNG SDK is affected by a Heap-based Buffer Overflow that may result in memory exposure or application denial of service. An attacker could exploit this issue to disclose sensitive memory...

7.1CVSS6.4AI score0.00165EPSS
Exploits2References7
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.3 views

Adobe DNG SDK 缓冲区错误漏洞

Adobe DNG Software Development Kit SDK is a software development kit from the American company Audobee Adobe. The Adobe DNG Software Development Kit SDK contains an out-of-bounds read vulnerability that can be exploited by attackers to obtain sensitive information or cause a denial of service...

7.1CVSS5.8AI score0.00147EPSS
Exploits5References1
Vulnrichment
Vulnrichment
added 2025/12/02 6:12 p.m.3 views

CVE-2025-66414 DNS Rebinding Protection Disabled by Default in Model Context Protocol TypeScript SDK for Servers Running on Localhost

MCP TypeScript SDK is the official TypeScript SDK for Model Context Protocol servers and clients. Prior to 1.24.0, The Model Context Protocol MCP TypeScript SDK does not enable DNS rebinding protection by default for HTTP-based servers. When an HTTP-based MCP server is run on localhost without...

7.6CVSS6.2AI score0.00445EPSS
Exploits0References2
Fedora
Fedora
added 2025/11/22 1:38 a.m.7 views

[SECURITY] Fedora 43 Update: dotnet10.0-10.0.100-1.fc43

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

6.8AI score
Exploits0
Fedora
Fedora
added 2025/11/22 1:19 a.m.9 views

[SECURITY] Fedora 42 Update: dotnet10.0-10.0.100-1.fc42

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

6.8AI score
Exploits0
Fedora
Fedora
added 2025/11/22 1:17 a.m.7 views

[SECURITY] Fedora 41 Update: dotnet10.0-10.0.100-1.fc41

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/21 12:30 a.m.3 views

EUVD-2025-198372

Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized attacker to elevate privileges over a network...

8.8CVSS6.3AI score0.00415EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/20 10:18 p.m.8 views

CVE-2025-64655 Dynamics OmniChannel SDK Storage Containers Elevation of Privilege Vulnerability

...

8.8CVSS6.6AI score0.00415EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/11/20 8:0 a.m.16 views

Dynamics OmniChannel SDK Storage Containers Elevation of Privilege Vulnerability

Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized attacker to elevate privileges over a network...

9.8CVSS6.9AI score0.00415EPSS
Exploits0
CVE
CVE
added 2025/11/17 2:58 p.m.18 views

CVE-2025-4321

The CVE-2025-4321 entry concerns Silabs RS9116W-WiSeConnect SDK used in Bluetooth devices. Affected component: the RS9116-WiseConnect SDK handling L2CAP; root cause is processing malformed L2CAP packets, leading to a Denial of Service. Impact as stated: device remains non-operational until a hard...

7.1CVSS6.5AI score0.00164EPSS
Exploits0References1
Rows per page
Query Builder