CVE-2025-38299 ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY()

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMPDUMMY ETDM2INBE and ETDM1OUTBE are defined as COMPEMPTY, in the case the codec dainame will be null. Avoid a crash if the device tree is not assigning a codec to these links...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from accessing a null pointer after failing to assign channel context...

📄 Schneider Electric EcoStruxure IT Data Center Expert 8.3 Privilege Escalation

Schneider Electric EcoStruxure IT Data Center Expert versions 8.3 and below contain a Charon executable that can be used by a low-privileged attacker to obtain root privileges. The Charon executable and configuration appears to be a local method for adding and removing services that run within th...

CVE-2025-0140

An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The GlobalProtect app on...

CVE-2025-0140

CVE-2025-0140 describes an incorrect privilege assignment in the Palo Alto Networks GlobalProtect App (macOS) that can allow a locally authenticated non-administrative user to disable the app. The primary description states Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP are not aff...

CVE-2025-0140 GlobalProtect App: Non Admin User Can Disable the GlobalProtect App

An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The GlobalProtect app on...

PT-2025-28968 · Palo Alto Networks · Palo Alto Networks Autonomous Digital Experience Manager

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Autonomous Digital Experience Manager affected versions not specified Description: An incorrect privilege assignment exists in Palo Alto Networks Autonomous Digital Experience Manager. A locally authenticated low-privileged...

PT-2025-28969 · Palo Alto Networks · Globalprotect App

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks GlobalProtect App versions affected versions not specified Description: An incorrect privilege assignment allows a locally authenticated, non-administrative user to disable the GlobalProtect App, even when the configuration...

The vulnerability of the Discrete Device Assignment (DDA) function in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Discrete Device Assignment DDA function in Windows operating systems is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVE-2025-48822 Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability

...

Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally...

CVE-2025-49867

Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes realhomes allows Privilege Escalation.This issue affects RealHomes: from n/a through = 4.4.0...

CVE-2025-5953

The WP Human Resource Management plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization in the ajaxinsertemployee and updateempoyee functions in versions 2.0.0 through 2.2.17. The AJAX handler reads the client-supplied $POST'role' and, after basic cleaning via...

CVE-2025-49867

Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes allows Privilege Escalation. This issue affects RealHomes: from n/a through 4.4.0...

CVE-2025-49867

Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes realhomes allows Privilege Escalation.This issue affects RealHomes: from n/a through = 4.4.0...

CVE-2025-23970

CVE-2025-23970 concerns the WordPress plugin for aonetheme Service Finder Booking, with an Incorrect Privilege Assignment vulnerability that enables Privilege Escalation . Affected software: Service Finder Booking up to version 6.0. Root cause and impact are stated across Connected documents: mis...

PT-2025-27898

Name of the Vulnerable Software and Affected Versions: aonetheme Service Finder Booking versions n/a through 6.0 Description: The issue is related to an Incorrect Privilege Assignment vulnerability in the aonetheme Service Finder Booking, allowing Privilege Escalation. Recommendations: For versio...

WordPress plugin RealHomes 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

The vulnerability of the DRM/AMD/display components in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the DRM/amd/display components in the Linux operating system is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the drivers/reset/starfive/reset-starfive-jh71x0.c component of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the drivers/reset/starfive/reset-starfive-jh71x0.c component in the Linux operating system is related to pointer assignment errors. Exploiting this vulnerability could allow an attacker to cause a service failure...