CVE-2025-59612 Stack-based Buffer Overflow in Windows Compute

Memory corruption in windows drivers while sending incorrect trusted application request...

CVE-2025-59612

CVE-2025-59612 describes memory corruption in Windows drivers triggered by sending an incorrect trusted-application request. The issue is detailed in the initial description and corroborated by NVD entries, with CVSSv3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H indicating local exploitability with hig...

CVE-2026-8706 Sensitive user data could be leaked to other applications through Reader mode

Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive the response rendered with the signed-in user's cookies. This vulnerability was fixed in Firefox for iOS 151.0...

[SECURITY] Fedora 44 Update: rust-reqsign-core-3.0.0-1.fc44

Signing API requests without effort...

CVE-2025-68477 Langflow vulnerable to Server-Side Request Forgery

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0, Langflow provides an API Request component that can issue arbitrary HTTP requests within a flow. This component takes a user-supplied URL, performs only normalization and basic format checks, an...

EUVD-2018-2058

Malware in sbrugna...

Argo CD 代码问题漏洞

Argo CD is an Argo open source declarative GitOps continuous delivery tool for Kubernetes. A code issue vulnerability exists in Argo CD that stems from a malicious API request that is not handled correctly, which could lead to an API server crash and denial of service. The following versions are...

Cisco ISE and ISE-PIC Injection Vulnerabilities (CNVD-2025-17186)

Cisco ISE and Cisco ISE-PIC are both products of the U.S. Cisco Cisco.Cisco ISE is the identity services engine introduced by Cisco, mainly used for network access control and security management.Cisco ISE-PIC is the passive identity connector of the Cisco Identity Services Engine, which is mainl...

CVE-2021-22331

There is a JavaScript injection vulnerability in certain Huawei smartphones. A module does not verify some inputs sufficiently. Attackers can exploit this vulnerability by sending a malicious application request to launch JavaScript injection. This may compromise normal service. Affected product...

Security Advisory - JavaScript Injection Vulnerability in Huawei Smartphone

There is a JavaScript injection vulnerability in Huawei smartphone. A module does not verify some inputs sufficiently. Attackers can exploit this vulnerability by sending malicious application request to launch JavaScript injection. This may compromise normal service. Vulnerability ID:...

CVE-2020-26077

A vulnerability in the access control functionality of Cisco IoT Field Network Director FND could allow an authenticated, remote attacker to view lists of users from different domains that are configured on an affected system. The vulnerability is due to improper access control. An attacker could...

The SmartHub Tool

SmartHub v1 Created Date: 12/17/2015 Updated Date: 4/4/2016 Current Version is v1.1 Where to download ? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to the...

Huawei OxfordS-AN00A Information Disclosure Vulnerability

The Huawei OxfordS-AN00A is a Huawei smartphone device. The Huawei OxfordS-AN00A suffers from an insufficient forensics vulnerability that can be exploited by a remote attacker to submit a special application request, which can be used to obtain sensitive information...

Spotify Version: 0.4.3.426 Disconnect Exploit

Exploit for windows platform in category dos / poc Exploit Title: Spotify Disconnect Exploit Author: pimpim - email protected Software Link: http://www.spotify.com/se/download/windows/ Version: 0.4.3.426 Platform / Tested on: Windows 7, Windows XP, Ubuntu linux using wine Category: dos Descriptio...

Android camera and audio control bypass

Access control is only checked on application request...