704 matches found

Positive Technologies
added 2025/01/27 12:0 a.m. · 4 views

PT-2025-5282 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: iPadOS versions prior to 17.7.4; iOS versions prior to 18.3; iPadOS versions prior to 18.3. Description: The issue is related to the handling of symlinks, which could allow an attacker to modify protected system files by restoring a maliciously...

CVSS 5.5 · AI score 8.8 · EPSS 0.01435
Exploits: 0 · References: 12

CNNVD
added 2025/01/27 12:0 a.m. · 3 views

Apple iOS and iPadOS Link Following Vulnerability

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A backlink vulnerability exists in Apple iOS version 18.3 and iPadOS version 18.3, which stems from the fact that restorin...

CVSS 5.5 · AI score 8.8 · EPSS 0.01435
Exploits: 0 · References: 3

OSV
added 2025/01/17 9:15 p.m. · 5 views

CVE-2024-57252

OtCMS =V7.46 is vulnerable to Server-Side Request Forgery (SSRF) in /admin/read.php, which can read system files arbitrarily...

CVSS 4.3 · AI score 5.8 · EPSS 0.00283
Exploits: 0 · References: 2

OSV
added 2025/01/17 4:15 p.m. · 1 view

CVE-2025-0530

A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic. This vulnerability affects unknown code of the file /parse/feedbacksystem.php. The manipulation of the argument type leads to cross site scripting. The attack can be initiated remotely. The exploit...

CVSS 8.2 · AI score 3.7
Exploits: 0 · References: 5

CNNVD
added 2025/01/17 12:0 a.m. · 2 views

Code-Projects Job Recruitment Code Injection Vulnerability

Code-Projects Job Recruitment is a Code-Projects open source job portal. A code injection vulnerability exists in Code-Projects Job Recruitment version 1.0, which stems from the parameter type of the file /parse/feedbacksystem.php that can lead to cross-site scripting attacks...

CVSS 8.2 · AI score 4.8 · EPSS 0.00471
Exploits: 1 · References: 6

OSV
added 2025/01/15 1:15 p.m. · 0 views

UBUNTU-CVE-2024-57886

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix new damon_target objects leaks on damon_commit_targets. Patch series "mm/damon/core: fix memory leaks and ignored inputs from damon_commit_ctx". Due to two bugs in damon_commit_targets and damon_commit_schemes, which are...

CVSS 5.5 · AI score 6.2 · EPSS 0.00172
Exploits: 0 · References: 10

Positive Technologies
added 2025/01/14 12:0 a.m. · 3 views

PT-2025-4793 · Aruba · Arubaos

Name of the Vulnerable Software and Affected Versions: ArubaOS versions AOS-8 through AOS-10. Description: An authenticated parameter injection vulnerability exists in the web-based management interface of the ArubaOS. Successful exploitation could allow an authenticated user to leverage parameter...

CVSS 7.2 · AI score 7.3 · EPSS 0.00687
Exploits: 0 · References: 9

Cvelist
added 2024/12/28 4:58 a.m. · 13 views

CVE-2024-43705 GPU DDK - Security: Exploitable PVRSRVBridgePhysmemWrapExtMem may lead to overwrite read-only file/memory (e.g. libc.so)

Software installed and run as a non-privileged user can trigger the GPU kernel driver to write to arbitrary read-only system files that have been mapped into application memory...

EPSS 0.00142
Exploits: 0 · References: 1

NVD
added 2024/12/27 3:15 p.m. · 12 views

CVE-2024-56622

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: sysfs: Prevent div by zero. Prevent a division by 0 when monitoring is not enabled...

CVSS 5.5 · EPSS 0.00203
Exploits: 0 · References: 6

OSV
added 2024/12/27 3:15 p.m. · 1 view

UBUNTU-CVE-2024-56622

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: sysfs: Prevent div by zero. Prevent a division by 0 when monitoring is not enabled...

CVSS 5.5 · AI score 6.2 · EPSS 0.00203
Exploits: 0 · References: 33

Vulnrichment
added 2024/12/27 2:51 p.m. · 3 views

CVE-2024-56622 scsi: ufs: core: sysfs: Prevent div by zero

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: sysfs: Prevent div by zero. Prevent a division by 0 when monitoring is not enabled...

AI score 7.7 · EPSS 0.00203
Exploits: 0 · References: 5

NVD
added 2024/12/19 2:15 a.m. · 17 views

CVE-2024-51532

Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files...

CVSS 7.1 · EPSS 0.0026
Exploits: 0 · References: 1

Vulnrichment
added 2024/12/19 1:40 a.m. · 9 views

CVE-2024-51532

Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files...

CVSS 7.1 · AI score 7 · EPSS 0.0026
Exploits: 0 · References: 1

CVE
added 2024/12/19 1:40 a.m. · 55 views

CVE-2024-51532

CVE-2024-51532 affects Dell PowerStore with a vulnerability described as improper neutralization of argument delimiters (parameter injection). The issue can be exploited by a low-privilege attacker with local access to modify arbitrary system files, tied to the PowerStore component handling comma...

CVSS 7.1 · AI score 6.8 · EPSS 0.0026
Exploits: 0 · References: 1 · Affected Software: 1

Cvelist
added 2024/12/19 1:40 a.m. · 19 views

CVE-2024-51532

Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files...

CVSS 7.1 · EPSS 0.0026
Exploits: 0 · References: 1

CNNVD
added 2024/12/19 12:0 a.m. · 3 views

Dell PowerStore Parameter Injection Vulnerability

Dell PowerStore is a scalable all-flash array storage from Dell USA. The Dell PowerStore suffers from a parameter injection vulnerability that originates from improper parameter delimiter neutralization, which can be exploited by an attacker to modify arbitrary system files...

CVSS 7.1 · AI score 7.3 · EPSS 0.0026
Exploits: 0 · References: 1

CNNVD
added 2024/12/04 12:0 a.m. · 3 views

Veeam Backup & Replication Security Vulnerability

Veeam Backup & Replication is a backup and replication software from Veeam USA. A security vulnerability exists in Veeam Backup & Replication 12.2.0.334 and previous versions 12.X. The vulnerability stems from an insufficient blacklist during deserialization, which allows for the deletion of any...

CVSS 8.1 · AI score 7.1 · EPSS 0.14009
Exploits: 0 · References: 1

CNNVD
added 2024/11/22 12:0 a.m. · 2 views

mySCADA myPRO Security Vulnerability

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. A directory traversal vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to submit a special request to view the contents of a system fi...

CVSS 8.7 · AI score 6.6 · EPSS 0.00684
Exploits: 0 · References: 1

NVD
added 2024/11/18 4:15 p.m. · 17 views

CVE-2020-26074

A vulnerability in system file transfer functions of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to gain escalated privileges on the underlying operating system. The vulnerability is due to improper validation of path input to the system file transfer functions. An...

CVSS 7.8 · EPSS 0.00185
Exploits: 0 · References: 2

Cvelist
added 2024/11/18 3:56 p.m. · 15 views

CVE-2020-26074 Cisco SD-WAN vManage Privilege Escalation Vulnerability

A vulnerability in system file transfer functions of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to gain escalated privileges on the underlying operating system. The vulnerability is due to improper validation of path input to the system file transfer functions. An...

CVSS 7.8 · EPSS 0.00185
Exploits: 0 · References: 2