CVE-2025-48904

CVE-2025-48904 affects Huawei’s HarmonyOS family (noted with HarmonyOS 5.0.0 in CNVD/CNNVD). The issue is described as: cards can call unauthorized APIs in the FRS process, which can impact availability if exploited. The NVD entry documents a LOCAL, low-attack‑complexity vector with no privileges...

CVE-2025-48903

Permission bypass vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-48903

CVE-2025-48903 denotes a permission-bypass vulnerability in Huawei HarmonyOS’s media library module. Reported impact indicates potential availability disruption upon successful exploitation. Core details across sources show a local attack with low complexity and no privileges required, but user i...

CVE-2025-48902

CVE-2025-48902 affects Huawei HarmonyOS/EMUI and is described as a vulnerability in the setting module leading to potential availability impact. Public documentation in connected sources provides CVSS metrics (AV:L, AC:H, PR:L, UI:R, S:C, C:L/I:L/A:H) and notes exploitation is not detailed in the...

CVE-2025-48902

Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a deserialization vulnerability, which arises from unsafe deserialization of serialized data received by an application from a...

PT-2025-24030 · Huawei · Harmonyos

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns a vulnerability of improper permission assignment in the note sharing module. Successful exploitation of this vulnerability may affect availability. Recommendations: At th...

PT-2025-24021 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns uncontrolled system resource applications in the setting module. Successful exploitation may affect availability. Recommendations: At the moment, there is no information...

PT-2025-24060 · Undefined · Undefined

CVSS: 4.3 Impact Loss of Availability Loss of Confidentiality Loss of Integrity Description A remote authenticated attacker can exploit a vulnerability in Synology DiskStation Manager and Synology Router Manager in order to manipulate files. Affected Versions Synology - Synology Router Manager -...

PT-2025-24025 · Dsoftbus · Dsoftbus

Name of the Vulnerable Software and Affected Versions: DSoftBus affected versions not specified Description: The issue is related to an authentication bypass vulnerability in the DSoftBus module. Successful exploitation of this vulnerability may affect availability. Recommendations: At the moment...

PT-2025-24026 · Huawei · Harmonyos

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A deserialization vulnerability exists in the IPC module. Successful exploitation of this issue may affect availability. Recommendations: At the moment, there is no information about a newer...

PT-2025-24019 · Arkui · Arkui

Name of the Vulnerable Software and Affected Versions: ArkUI framework affected versions not specified Description: The issue is related to a resource allocation control failure in the ArkUI framework. Successful exploitation of this vulnerability may affect availability. Recommendations: At the...

PT-2025-24029 · Dfile · Dfile

Name of the Vulnerable Software and Affected Versions: DFile module affected versions not specified Description: The issue is related to a buffer overflow vulnerability in the DFile module. Successful exploitation of this vulnerability may affect availability. Recommendations: At the moment, ther...

PT-2025-24027 · Huawei · Harmonyos

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns a vulnerability in the auto startup service. Successful exploitation of this vulnerability may affect availability. Recommendations: At the moment, there is no information...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS version 5.0.0, which can be exploited by attackers to affect availability...

PT-2025-23884 · Aerc · Aerc

Name of the Vulnerable Software and Affected Versions: aerc versions before 93bec0d Description: The issue allows directory traversal in the commands/msgview/open.go file due to direct path concatenation of the name of an attachment part. This is caused by the lack of proper validation of...

The vulnerability of the cacheinfo component in the Linux operating system’s kernel allows a hacker to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cacheinfo component in the Linux operating system’s kernel is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

OPENSUSE-SU-2025:15201-1 python311-nh3-0.2.17-2.1 on GA media

These are all security issues fixed in the python311-nh3-0.2.17-2.1 package on the GA media of openSUSE Tumbleweed...

The vulnerability of the SAP NetWeaver Application ABAP software integration platform’s server, related to improper code generation management, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the SAP NetWeaver Application ABAP software integration platform is related to incorrect code generation management. Exploiting this vulnerability allows an attacker to influence the confidentiality, integrity, and accessibility of protected information...

The vulnerability of the functional module of the RFC interface of the software tool for managing changes and migrations in SAP Landscape Transformation (SLT) allows a attacker to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the functional module of the RFC interface of the software tool for managing changes and migrations in SAP Landscape Transformation SLT is related to improper code generation. Exploiting this vulnerability can allow an attacker to influence the confidentiality, integrity, and...