Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure through error messages returned by the JSON-RPC API. An attacker can access sensitive trace-back information, including information about the internal network configuration and server setup, by sending malformed...

CVE-2025-58308

Vulnerability of improper criterion security check in the call module. Impact: Successful exploitation of this vulnerability may cause features to perform abnormally...

SUSE-SU-2025:4305-1 Security update for grub2

This update for grub2 fixes the following issues: - CVE-2025-54771: Fixed rubfileclose does not properly controls the fs refcount bsc1252931 - CVE-2025-54770: Fixed missing unregister call for netsetvlan command may lead to use-after-free bsc1252930 - CVE-2025-61662: Fixed missing unregister call...

CVE-2025-58308

Vulnerability of improper criterion security check in the call module. Impact: Successful exploitation of this vulnerability may cause features to perform abnormally...

CVE-2025-58308

Vulnerability of improper criterion security check in the call module. Impact: Successful exploitation of this vulnerability may cause features to perform abnormally...

EUVD-2025-199857

Vulnerability of improper criterion security check in the call module. Impact: Successful exploitation of this vulnerability may cause features to perform abnormally...

CVE-2025-58308

Huawei HarmonyOS is affected by CVE-2025-58308 via an improper criterion security check in the call module. Affected versions include HarmonyOS 5.0.1–5.1.0 and 6.0.0. The underlying issue is in the call module’s security check criteria, enabling abnormal feature behavior upon exploitation. The PT...

CVE-2025-58308

Vulnerability of improper criterion security check in the call module. Impact: Successful exploitation of this vulnerability may cause features to perform abnormally...

CVE-2025-58308

Vulnerability of improper criterion security check in the call module. Impact: Successful exploitation of this vulnerability may cause features to perform abnormally...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from an Improper Security Check Criteria vulnerability that originates from an improper security check criterion for the call module...

GAPS: Guiding Dynamic Android Analysis with Static Path Synthesis

Dynamically resolving method reachability in Android applications remains a critical and largely unsolved problem. Despite notable advancements in GUI testing and static call graph construction, current tools are insufficient for reliably driving execution toward specific target methods, especial...

CVE-2025-65966

OneUptime is a solution for monitoring and managing online services. In version 9.0.5598, a low-permission user can create new accounts through a direct API request instead of being restricted to the intended interface. This issue has been patched in version 9.1.0...

CVE-2025-6389

The Sneeit Framework plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 8.3 via the sneeitarticlespaginationcallback function. This is due to the function accepting user input and then passing that through calluserfunc. This makes it possible for...

Security update for grub2

This update for grub2 fixes the following issues: CVE-2025-54771: Fixed rubfileclose does not properly controls the fs refcount bsc1252931 CVE-2025-61661: Fixed out-of-bounds write in grubusbgetstring function bsc1252932 CVE-2025-61662: Fixed missing unregister call for gettext command may lead t...

CVE-2025-6389 Sneeit Framework <= 8.3 - Unauthenticated Remote Code Execution in sneeit_articles_pagination_callback

The Sneeit Framework plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 8.3 via the sneeitarticlespaginationcallback function. This is due to the function accepting user input and then passing that through calluserfunc. This makes it possible for...

kernel: NFSD: Protect against send buffer overflow in NFSv2 READ

In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READ Since before the git era, NFSD has conserved the number of pages held by each nfsd thread by combining the RPC receive and send buffers into a single array of pages. This...

EUVD-2025-199040

Malicious code in react-native-phone-call npm...

MAL-2025-191003 Malicious code in react-native-phone-call (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e134ec88971e1ecadce79d1699bde00b798633b1ef9a0f6ebb2dbf67a51cdf5 The package react-native-phone-call was found to contain malicious code. Source: ghsa-malware...

Malicious code in react-native-phone-call (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e134ec88971e1ecadce79d1699bde00b798633b1ef9a0f6ebb2dbf67a51cdf5 The package react-native-phone-call was found to contain malicious code. Source: ghsa-malware...

CVE-2025-13524

Improper resource release in the call termination process in AWS Wickr before version 6.62.13 on Windows, macOS and Linux may allow a call participant to continue receiving audio input from another user after they close their call window. This issue occurs under certain conditions, which require...