36947 matches found
Huawei HarmonyOS Security Control Conditional Competition Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A conditional contention vulnerability exists in the Huawei HarmonyOS security control, which can be exploited by an attacker to cause availability to be...
Huawei HarmonyOS Certificate Management Module Path Traversal Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A path traversal vulnerability exists in the Huawei HarmonyOS certificate management module, which can be exploited by an attacker to cause availability to b...
Huawei HarmonyOS Dimension Test Module Conditional Competition Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A conditional contention vulnerability exists in the Huawei HarmonyOS dimensioning module, which can be exploited by an attacker to cause availability to be...
Huawei HarmonyOS cellular_data module privilege control vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS cellulardata module, which can be exploited by an attacker to compromise availability...
PT-2026-24957
CVE: CVE-2026-21671 PT-Identifier: PT-2026-24957 Vendor: Veeam Product: Software Appliance CVSS: 9.1 Credits: n/a Description: A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution RCE in high availability HA deployments of Veeam Backup...
Veeam Backup And Recovery 安全漏洞
Veeam Backup and Recovery is a data backup, recovery, and replication software developed by the American company Veeam. Veeam Backup and Recovery has a security vulnerability that stems from allowing authenticated users with the role of backup administrators to execute remote code execution in...
Huawei HarmonyOS Scanning Module Buffer Overflow Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A buffer overflow vulnerability exists in the Huawei HarmonyOS scanning module, which can be exploited by an attacker to cause availability to be compromised...
Huawei HarmonyOS Print Module Competitive Conditions Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS Printing Module, which can be exploited by an attacker to cause availability to be...
CVE-2026-32062
OpenClaw versions2026.2.21-2 prior to 2026.2.22 and @openclaw/voice-call versions 2026.2.21 prior to 2026.2.22 accept media-stream WebSocket upgrades before stream validation, allowing unauthenticated clients to establish connections. Remote attackers can hold idle pre-authenticated sockets open ...
CVE-2026-21359
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have limited...
EUVD-2025-208552
Improper input validation in the UEFI firmware for some Intel Reference Platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access when...
PT-2026-24565
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have limited...
Adobe Commerce 安全漏洞
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce has an authorization issue vulnerability that could be exploited by an attacker to bypass security measures and have a limited impact on...
helm3-3.20.0-2.1 on GA media (moderate)
helm3-3.20.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10319-1 Rating: moderate Cross-References: CVE-2025-55199 CVSS scores: CVE-2025-55199 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2025-55199 SUSE : 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N...
ghostty-1.3.0-1.1 on GA media (moderate)
ghostty-1.3.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10316-1 Rating: moderate Cross-References: CVE-2026-26982 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the ghostty-1.3.0-1.1...
CVE-2025-20096
CVE-2025-20096 involves improper input validation in the UEFI firmware for some Intel Reference Platforms, allowing escalation of privilege. The Red Hat, NVD, Intel advisory and EUVD records describe local access, high attack requirements, and user interaction as prerequisites, with potential imp...
CVE-2025-20096
Improper input validation in the UEFI firmware for some Intel Reference Platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access when...
EUVD-2026-10572
CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...
EUVD-2026-10571
CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...
EUVD-2026-10465
Due to an uncontrolled resource consumption Denial of Service vulnerability, an authenticated attacker with regular user privileges and network access can repeatedly invoke a remote-enabled function module with an excessively large loop-control parameter. This triggers prolonged loop execution th...