291 matches found
PT-2025-32021 · Huawei · Harmonyos
Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: An input verification issue exists in the home screen module. Successful exploitation may affect availability. Recommendations: At the moment, there is no information about a newer version that...
PT-2025-32086 · Unknown · Kernel Gyroscope Module
Name of the Vulnerable Software and Affected Versions: kernel gyroscope module affected versions not specified Description: The issue is a buffer overflow caused by insufficient data verification within the kernel gyroscope module. Successful exploitation could impact system availability...
CVE-2025-54424
1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server. In versions 2.0.5 and below, the HTTPS protocol used for communication between the Core and Agent endpoints has incomplete certificate verification during certificate...
CVE-2025-54573
CVAT is an open source interactive video and image annotation tool for computer vision. In versions 1.1.0 through 2.41.0, email verification was not enforced when using Basic HTTP Authentication. As a result, users could create accounts using fake email addresses and use the product as verified...
CVE-2025-54573
CVAT is an open source interactive video and image annotation tool for computer vision. In versions 1.1.0 through 2.41.0, email verification was not enforced when using Basic HTTP Authentication. As a result, users could create accounts using fake email addresses and use the product as verified...
GO-2025-3777 Podman Improper Certificate Validation; machine missing TLS verification in github.com/containers/podman
Podman Improper Certificate Validation; machine missing TLS verification in github.com/containers/podman...
CVE-2025-54419 Node-SAML Contains SAML Signature Verification Vulnerability
A SAML library not dependent on any frameworks that runs in Node. In version 5.0.1, Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify authentication details with...
PT-2025-30186 · Eluktronics · Eluktronics Control Center
Name of the Vulnerable Software and Affected Versions: Eluktronics Control Center version 5.23.51.41 Description: A problematic issue exists within the REG File Handler component of the software due to insufficient verification of data authenticity. This can be exploited on the local host. The...
AlmaLinux 9 : podman (ALSA-2025:10550)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:10550 advisory. podman: podman missing TLS verification CVE-2025-6032 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note th...
CVE-2025-21004
Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device...
Important: podman security update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: podman: podman missing TLS verification CVE-2025-6032 For more details about the security...
CVE-2025-6032 Podman: podman missing tls verification
A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack...
Ubuntu: Security Advisory (USN-7560-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.2.5 Images Security Update
New images are available for Red Hat build of Keycloak 26.2.5 and Red Hat build of Keycloak 26.2.5 Operator, running on OpenShift Container Platform Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat...
CVE-2024-31127 MacOS Zscaler Client Connector Local Privilege Escalation
An improper verification of a loaded library in Zscaler Client Connector on Mac 4.2.0.241 may allow a local attacker to elevate their privileges...
CVE-2025-48948 Navidrome Transcoding Permission Bypass Vulnerability Report
Navidrome is an open source web-based music collection server and streamer. A permission verification flaw in versions prior to 0.56.0 allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating,...
CVE-2024-45522
Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting a password. This occurs in create in apps/web/pages/api/forgot-password/index.ts...
CVE-2024-21491
Versions of the package svix before 1.17.0 are vulnerable to Authentication Bypass due to an issue in the verify function where signatures of different lengths are incorrectly compared. An attacker can bypass signature verification by providing a shorter signature that matches the beginning of th...
CVE-2024-51529
Data verification vulnerability in the battery module Impact: Successful exploitation of this vulnerability may affect function stability...
CVE-2024-57545
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field hiddendhcpnum is copied to the stack without length verification...