37008 matches found
Hitachi Energy's RTU500 series Missing synchronization (CVE-2025-1445)
A vulnerability exists in RTU IEC 61850 client and server functionality that could impact the availability if renegotiation of an open IEC61850 TLS connection takes place in specific timing situations, when IEC61850 communication is active. Precondition is that IEC61850 as client or server are...
The vulnerability of the padata_reorder() function in the kernel/padata.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the padatareorder function in the kernel/padata.c module of the Linux operating system is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
The vulnerability of the nilfs_clear_dirty_pages() function in the fs/nilfs2/page.c module of the NILFS2 file system support module for the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the nilfscleardirtypages function in the fs/nilfs2/page.c module of the NILFS2 file system support module in the Linux operating system is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the...
The vulnerability of the io_rw_init_file() function in the io_uring/rw.c module, a component of the Linux kernel’s asynchronous input/output interface, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the iorwinitfile function in the iouring/rw.c module, a component of the Linux kernel’s asynchronous input/output interface, relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
Vulnerability of the lpfc_initial_flogi() function in the drivers/scsi/lpfc/lpfc_els.c module – The SCSI device support driver for the Linux operating system, which allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the lpfcinitialflogi function in the drivers/scsi/lpfc/lpfcels.c module – The Linux SCSI device driver relies on the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...
The vulnerability of the nci_close_device() function in the net/nfc/nci/core.c module, which is part of the NFC NCI support for Linux operating systems, allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the nciclosedevice function in the net/nfc/nci/core.c module, which supports NFC NCI implementations in Linux operating systems, is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...
CVE-2025-22375 Authentication Bypass in CyberAudit-Web
An authentication bypass vulnerability was found in Videx's CyberAudit-Web. Through the exploitation of a logic flaw, an attacker could create a valid session without any credentials. This vulnerability has been patched in versions later than 9.5 and a patch has been made available to all instanc...
CVE-2025-30017
Due to a missing authorization check, an authenticated attacker could upload a file as a template for solution documentation in SAP Solution Manager 7.1. After successful exploitation, an attacker can cause limited impact on the integrity and availability of the application...
CVE-2025-31332
Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an attacker who has local access to the system could modify files potentially disrupting operations or cause service downtime hence leading to a high impact on integrity and availability. However, this...
CVE-2025-30016
SAP Financial Consolidation allows an unauthenticated attacker to gain unauthorized access to the Admin account. The vulnerability arises due to improper authentication mechanisms, due to which there is high impact on the Confidentiality, Integrity & Availability of the application...
CVE-2025-21792 affecting package kernel for versions less than 6.6.79.1-1
CVE-2025-21792 affecting package kernel for versions less than 6.6.79.1-1. A patched version of the package is available...
SUSE CVE-2024-38797
EDK2 contains a vulnerability in the HashPeImageByType. A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjecent network. A successful exploit of this vulnerability may lead to a loss of Integrity and/or Availability...
CVE-2025-2442
CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could potentially lead to unauthorized access which could result in the loss of confidentially, integrity and availability when a malicious user, having physical access, sets the radio to the factory default...
CVE-2025-2442
CVE-2025-2442 concerns Schneider Electric Trio Q Licensed Data Radio. The vulnerability stems from Initialization of a Resource with an Insecure Default , enabling a malicious user with physical access to set the radio to factory default mode and trigger unauthorized access, potentially compromis...
CVE-2025-2223
CVE-2025-2223 affects Schneider Electric ConneXium Network Manager. The root cause is improper input validation in the software, enabling a malicious local user to load a crafted project file that can compromise confidentiality, integrity, and availability on engineering workstations. CVSS metric...
CVE-2025-2223
CWE-20: Improper Input Validation vulnerability exists that could cause a loss of Confidentiality, Integrity and Availability of engineering workstation when a malicious project file is loaded by a user from the local system...
CVE-2024-58109
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-58110
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-58116
Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-58108
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability...