PT-2025-18684 · Unknown +1 · Llama Factory +1

Name of the Vulnerable Software and Affected Versions: LLaMA-Factory version prior to 1.0.0 Description: LLaMA Factory enables fine-tuning of large language models. A critical issue exists in the llamafy baichuan2.py script, which performs insecure deserialization using torch.load on user-supplie...

CVE-2025-3840 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

An improper neutralization of input vulnerability was identified in the End of Life EOL OVA based connect installer component which is deployed for installation purposes in a customer network. This EOL component was deprecated in September 2023 with end of support extended till January 2024. An...

CVE-2025-26153

A Stored XSS vulnerability exists in the message compose feature of Chamilo LMS 1.11.28. Attackers can inject malicious scripts into messages, which execute when victims, such as administrators, reply to the message...

PT-2025-29262 · Unknown · Software Smi Handler

Name of the Vulnerable Software and Affected Versions: Software SMI Handler affected versions not specified Description: A vulnerability in the Software SMI handler SwSmiInputValue 0x20 allows a local attacker to supply a crafted pointer FuncBlock through RBX and RCX register values. This pointer...

The vulnerability of the mptcp_established_options_add_addr function in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the mptcpestablishedoptionsaddaddr function in the Linux kernel involves the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

PT-2025-15879 · Sonos · Sonos Era 300

Name of the Vulnerable Software and Affected Versions: Sonos Era 300 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. The specific flaw exists within the processing of HLS playlist data, resulti...

CVE-2025-31127 Element X Android allows the entity in control of the well-known file to break the confidentiality embedded Element Call

Element X Android is a Matrix Android Client provided by element.io. In Element X Android versions between 0.4.16 and 25.03.3, the entity in control of the element.json well-known file is able, under certain conditions, to get access to the media encryption keys used for an Element Call call. Thi...

The vulnerability of the pktgen_thread_worker() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the pktgenthreadworker function in the Linux operating system’s kernel is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...

GHSA-2J42-H78H-Q4FG Beego allows Reflected/Stored XSS in Beego's RenderForm() Function Due to Unescaped User Input

Summary A Cross-Site Scripting XSS vulnerability exists in Beego's RenderForm function due to improper HTML escaping of user-controlled data. This vulnerability allows attackers to inject malicious JavaScript code that executes in victims' browsers, potentially leading to session hijacking,...

The vulnerability of the mptcp component in Linux kernel, which allows a hacker to cause a service failure

The vulnerability of the mptcp component in Linux operating systems is related to a reachable assertion. Exploiting this vulnerability could allow an attacker to cause a service failure...

phpIPAM circuits options page cross-site scripting vulnerability

phpIPAM is phpIPAM open source set of open source PHP and MySQL based IP address management application IPAM. A cross-site scripting vulnerability exists in phpIPAM version 1.5.2, which stems from the lack of effective filtering and escaping of user-supplied data on the circuits options page, whi...

PHPGurukul Art Gallery Management System 注入漏洞

Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter eid of art-enquiry.php. An attacker can exploit this...

CVE-2025-2495 Stored Cross-Site Scripting (XSS) vulnerability in Softdial Contact Center

Stored Cross-Site Scripting XSS in Softdial Contact Center of Sytel Ltd. This vulnerability allows an attacker to upload XML files to the server with JavaScript code injected via the ‘/softdial/scheduler/save.php’ resource. The injected code will execute when the uploaded file is loaded via the...

CVE-2025-30106

The CVE-2025-30106 entry concerns IROAD v9 dashcams that ship with hardcoded default credentials ("qwertyuiop") which cannot be changed by the user. The credential hardening absence enables an attacker within Wi‑Fi range to connect to the device’s network for sniffing. Public sources in the conne...

The vulnerability of the igc_clean_tx_ring() function in the drivers/net/ethernet/intel/igc/igc_main.c file of the Linux kernel’s Ethernet adapter support driver allows a attacker to cause a service failure.

The vulnerability of the igccleantxring function in the drivers/net/ethernet/intel/igc/igcmain.c file of the Linux kernel’s Ethernet adapter support module is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

SAP NetWeaver AS Java XSS (March 2025)

SAP NetWeaver Application Server for Java is affected by cross-site scripting vulnerability: - User management functionality in SAP NetWeaver Application Server Java is vulnerable to Stored Cross-Site Scripting XSS. This could enable an attacker to inject malicious payload that gets stored and...

CVE-2025-27773 SimpleSAMLphp SAML2 library has incorrect signature verification for HTTP-Redirect binding

The SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. Prior to versions 4.17.0 and 5.0.0-alpha.20, there is a signature confusion attack in the HTTPRedirect binding. An attacker with any signed SAMLResponse via the HTTP-Redirect binding can cause the application to...

CVE-2025-24055

CVE-2025-24055 is a Windows USB Video Driver vulnerability described as an out-of-bounds read that could allow an authorized attacker to disclose information with a physical attack. The CVSSv3.1 base score is 4.3 (Medium), with privileges required as Low, attack vector Physical, and impact restri...

Microsoft Visual Studio 代码问题漏洞

Microsoft Visual Studio is a family of development tool suites from Microsoft, and a largely complete development toolset that includes most of the tools needed throughout the software life cycle. An elevation of privilege vulnerability exists in Microsoft Visual Studio, which can be exploited by...

Microsoft Streaming Service 安全漏洞

Microsoft Streaming Service is a video platform from Microsoft Corporation USA. A security vulnerability exists in Microsoft Streaming Service. An attacker could exploit the vulnerability to elevate privileges. The following products and editions are affected:Windows 10 Version 1809 for 32-bit...