CVE-2025-59053 AIRI's character card/chat UI is vulnerable to XSS and can lead to RCE

AIRI is a self-hosted, artificial intelligence based Grok Companion. In v0.7.2-beta.2 in the packages/stage-ui/src/components/MarkdownRenderer.vue path, the Markdown content is processed using the useMarkdown composable, and the processed HTML is rendered directly into the DOM using v-html. An...

CVE-2025-57760 Langflow Vulnerable to Privilege Escalation via CLI Superuser Creation

Langflow is a tool for building and deploying AI-powered agents and workflows. A privilege escalation vulnerability exists in Langflow containers where an authenticated user with RCE access can invoke the internal CLI command langflow superuser to create a new administrative user. This results in...

CVE-2025-47857

A improper neutralization of special elements used in an os command 'os command injection' vulnerability CWE-78 in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or command via crafted CLI commands...

CVE-2025-32766

A stack-based buffer overflow vulnerability CWE-121 in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or commands via crafted CLI commands...

CVE-2025-8286 Güralp Systems Güralp FMUS series Missing Authentication for Critical Function

Güralp FMUS series seismic monitoring devices expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device...

CVE-2025-20308

A vulnerability in Cisco Spaces Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. This vulnerability is due to insufficient restrictions during the execution of specific CLI commands. An attacker...

CVE-2022-49989

In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: fix error exit of privcmdioctldmop The error exit of privcmdioctldmop is calling unlockpages potentially with pages being NULL, leading to a NULL dereference. Additionally lockpages doesn't check for pinuserpagesfast...

CVE-2023-51148

An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06 allows an attacker to execute arbitrary code via the 'mycli' command-line interface component...

CVE-2021-25306

A buffer overflow vulnerability in the AT command interface of Gigaset DX600A v41.00-175 devices allows remote attackers to force a device reboot by sending relatively long AT commands...

CVE-2025-20213

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. To exploit this vulnerability, the attacker must have valid read-only credentials...

[SECURITY] Fedora 40 Update: libxslt-1.1.43-1.fc40

This C library allows to transform XML files into other XML files or HTML, text, ... using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 =3D 2.6.27 installed. The xsltproc command is a command line interface to the XSLT engine...

Audi UTR Dashcam 安全漏洞

Audi UTR Dashcam is a high performance Audi car recorder from Audi Germany. It is used to accurately videotape and record details during driving. A security vulnerability exists in Audi UTR Dashcam version 2.0, which stems from improper access control of the Command API component, and the attack...

microcode_ctl: Improper input validation in XmlCli feature for UEFI firmware

An improper input validation flaw was found in the XmlCli feature for UEFI firmware. Some IntelR processors may allow a privileged user to enable privilege escalation via local access...

Qualcomm Chipsets 输入验证错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. An input validation error vulnerability exists in Qualcomm Chipsets that stems from a transient denial of service when processing UCI commands...

PT-2025-8850

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A bug in the Linux kernel allows writing outside the allocated buffer when a specific SCSI IOCTL SEND COMMAND ioctl is used with certain parameters, including out len set to 0xd42, SCSI...

CVE-2024-11864

Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage Fault and crash the SCP...

Qualcomm Chipsets 资源管理错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A resource management error vulnerability exists in Qualcomm Chipsets that stems from a memory corruption that occurs when processing frame command IOCTL calls...

CVE-2024-38555

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Discard command completions in internal error Fix use after free when FW completion arrives while device is in internal error state. Avoid calling completion handler in this case, since the device will flush the command...

CVE-2024-38555

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Discard command completions in internal error Fix use after free when FW completion arrives while device is in internal error state. Avoid calling completion handler in this case, since the device will flush the command...

CVE-2024-38555 net/mlx5: Discard command completions in internal error

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Discard command completions in internal error Fix use after free when FW completion arrives while device is in internal error state. Avoid calling completion handler in this case, since the device will flush the command...