Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that can be exploited by an attacker to cause local information disclosure...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. A code execution vulnerability exists in Google Android, which can be exploited by an attacker to execute arbitrary code on the system...

LibTIFF Buffer Overflow Vulnerability

LibTIFF is LibTIFF open source a library to read and write TIFF Tagged Image File Format files , the library contains a number of command-line tools to deal with TIFF files . LibTIFF has a buffer overflow vulnerability that originates from an incorrect operation of the file tiffcrop.c, which can ...

Mozilla多款产品 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S.A. Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is email client software that supports the IMAP and POP mail protocols as well as the HTML mail format. A...

Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-22267)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS has a security vulnerability that can be exploited by an attacker to cause the device to be set at random screen orientation by an exploit...

Microsoft Word Information Disclosure Vulnerability (CNVD-2025-18825)

Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft Microsoft. An information disclosure vulnerability exists in Microsoft Word, which is caused due to a buffer over-read error. An attacker could exploit the vulnerability to obtain sensitive information...

AMD EPYC Security Vulnerability

AMD EPYC is a high performance server processor from Ultraviolet Semiconductor AMD. AMD EPYC has a security vulnerability that stems from multiple vulnerabilities that could be exploited by an attacker...

kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array

A flaw was found in the AMD CPU erratum handling code in the Linux kernel. The erratum1386microcode array lacked a proper terminator, which could cause the x86matchcpuwithstepping function to read beyond the end of the array. This results in undefined behavior during CPU feature detection and...

CVE-2025-50422

A PDF parsing flaw has been discovered in poppler. This flaw may allow an attacker who can craft a malicious pdf file to induce a crash if they can convince their target to open the crafted pdf. Mitigation Mitigation for this issue is either not available or the currently available options do not...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which can be exploited by an attacker to cause the playback control screen to display abnormally...

Emby MediaBrowser 安全漏洞

Emby MediaBrowser is a media server software from Emby. Emby MediaBrowser has a security vulnerability that can be exploited by attackers to cause confidentiality to be compromised...

CVE-2025-23286

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where an attacker could read invalid memory. A successful exploit of this vulnerability might lead to information disclosure...

Unspecified Vulnerability in Apple macOS (CNVD-2025-22276)

Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by an attacker to cause the system to terminate unexpectedly...

Unspecified Vulnerability in Apple macOS (CNVD-2025-18451)

Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by attackers to cause malicious applications to gain root privileges...

CVE-2025-26469

An incorrect default permissions vulnerability exists in the CServerSettings::SetRegistryValues functionality of MedDream PACS Premium 7.3.3.840. A specially crafted application can decrypt credentials stored in a configuration-related registry key. An attacker can execute a malicious script or...

Microsoft Azure Machine Learning Elevation of Privilege Vulnerability

Microsoft Azure Machine Learning is a machine learning services platform from Microsoft USA. Microsoft Azure Machine Learning has a security vulnerability that can be exploited by an attacker to potentially cause elevation of privilege...

Microsoft Windows Resource Management Error Vulnerability (CNVD-2025-16950)

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. Microsoft Windows has a security vulnerability. The vulnerability can be exploited by an attacker to gain elevated privileges...

CVE-2025-2425

Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system...

Microsoft Azure DevOps 安全漏洞

Microsoft Azure DevOps is a team collaboration services platform from Microsoft Corporation USA. Microsoft Azure DevOps has a security vulnerability that can be exploited by an attacker to potentially cause elevation of privilege...

CVE-2025-7618 A stored Cross-Site Scripting (XSS) vulnerability exists in the File Explorer and Text Editor of ADM

A stored Cross-Site Scripting XSS vulnerability vulnerability was found in the File Explorer and Text Editor of ADM. An attacker could exploit this vulnerability to inject malicious scripts into the applications, which may then access cookies or other sensitive information retained by the browser...