CVE-2025-30150

Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Through the store-api it is possible as a attacker to check if a specific e-mail address has an account in the shop. Using the store-api endpoint /store-api/account/recovery-password you get the response, which indicates...

CVE-2025-30150 Shopware 6 allows attackers to check for registered accounts through the store-api

Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Through the store-api it is possible as a attacker to check if a specific e-mail address has an account in the shop. Using the store-api endpoint /store-api/account/recovery-password you get the response, which indicates...

Adobe Framemaker 安全漏洞

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. Adobe Framemaker suffers from a heap buffer overflow vulnerability that stems from insufficient bounds checking,...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets is a series of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets that stems from incorrect boundary checking and could lead to remote code execution...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets is a series of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from a lack of boundary checking and could lead to local elevation of privilege...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets is a series of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from a lack of boundary checking and could lead to local elevation of privilege...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets is a series of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from a lack of boundary checking and could lead to the disclosure of local information...

Google Android Buffer Overflow Vulnerability (CNVD-2025-07523)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a buffer overflow vulnerability that stems from the program not properly checking boundaries, which can be exploited by an attacker to execute remote code...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets is a series of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from a lack of boundary checking and could lead to local elevation of privilege...

ROS-20250403-04

A vulnerability in the Go programming language is related to improper syntax correctness checking of input. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service...

CVE-2025-24265

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination...

CVE-2025-30464

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory...

CVE-2025-24237

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, visionOS 2.4, watchOS 11.4. An app may be able to cause unexpected system termination...

CVE-2025-24266

A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination...

CVE-2025-31184

This issue was addressed with improved permissions checking. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4. An app may gain unauthorized access to Local Network...

WordPress plugin Shopper Approved Reviews 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

CVE-2025-21916 usb: atm: cxacru: fix a flaw in existing endpoint checks

In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix a flaw in existing endpoint checks Syzbot once again identified a flaw in usb endpoint checking, see 1. This time the issue stems from a commit authored by me 2eabb655a968 "usb: atm: cxacru: fix endpoint...

CVE-2025-21910

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking Syzbot keeps reporting an issue 1 that occurs when erroneous symbols sent from userspace get through into useralpha2 via regulatoryhintuser call. Such invalid regulatory...

CVE-2025-3085 MongoDB Server running on Linux may allow unexpected connections where intermediate certificates are revoked

A MongoDB server under specific conditions running on Linux with TLS and CRL revocation status checking enabled, fails to check the revocation status of the intermediate certificates in the peer's certificate chain. In cases of MONGODB-X509, which is not enabled by default, this may lead to...

CVE-2025-31184

This issue was addressed with improved permissions checking. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4. An app may gain unauthorized access to Local Network...