6 matches found
CVE-2025-61114
2nd Line Android App version v1.2.92 and before (package name com.mysecondline.app), developed by AutoBizLine, Inc., contains an improper access control vulnerability in its authentication mechanism. The server only validates the first character of the usertoken, enabling attackers to brute force...
CVE-2025-21910
CVE-2025-21910 affects the Linux kernel (wifi: cfg80211: regulatory) where invalid user regulatory hints could pass through via regulatory_hint_user() into user_alpha2[]. The root cause involves isalpha() handling non-Latin symbols and a subsequent toupper() mutation that bypassed a prior check. ...
Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2025-1224)
The remote host is missing an update for the Huawei EulerOS...
CLSA-2023-1697576053 Fix CVE(s): CVE-2023-4504
SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2023-4504.patch: check for end of buffer if there is an escaped character - CVE-2023-4504...
CVE-2023-28635 Defining resource name as integer in vantage6 may give unintended access
vantage6 is privacy preserving federated learning infrastructure. Prior to version 4.0.0, malicious users may try to get access to resources they are not allowed to see, by creating resources with integers as names. One example where this is a risk, is when users define which users are allowed to...
PHP 5.2.4 money_format has insufficiently strict character checking
No description provided by source...