CVE-2025-1147
CVE-2025-1147 refers to a buffer overflow in GNU Binutils 2.43, specifically in nm.c:__sanitizer::internal_strlen. Connected advisories indicate the fix is in Binutils 2.45, with openSUSE/SUSE advisories recommending upgrading to 2.45 (and related patch content). The vulnerability is exploitable ...
CVE-2025-1147 GNU Binutils nm nm.c internal_strlen buffer overflow
A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function __sanitizer::internal_strlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched...
CVE-2025-1081
A vulnerability was found in Bharti Airtel Xstream Fiber up to 20250123. It has been rated as problematic. This issue affects some unknown processing of the component WiFi Password Handler. The manipulation leads to use of weak credentials. The attack needs to be done within the local network. Th...
CVE-2025-1081 Bharti Airtel Xstream Fiber WiFi Password weak credentials
A vulnerability was found in Bharti Airtel Xstream Fiber up to 20250123. It has been rated as problematic. This issue affects some unknown processing of the component WiFi Password Handler. The manipulation leads to use of weak credentials. The attack needs to be done within the local network. Th...
PT-2025-5873 · Bharti Airtel · Bharti Airtel Xstream Fiber
Name of the Vulnerable Software and Affected Versions: Bharti Airtel Xstream Fiber up to 20250123 Description: A vulnerability was found in the WiFi Password Handler component, leading to the use of weak credentials. The attack must be done within the local network and has a high complexity, maki...
CVE-2024-28996
The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack complexity is high for this vulnerability...
CVE-2025-0870 Axiomatic Bento4 Ap4DataBuffer.h GetData heap-based overflow
A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The complexity of ...
CVE-2025-0798
Summary: CVE-2025-0798 affects MicroWorld eScan Antivirus 7.0.32 on Linux, targeting the Quarantine Handler’s |rtscanner| file. The underlying issue is an operating system command injection that can be triggered remotely. The attack is described as high complexity and previously disclosed. Affect...
Security Bulletin: A vulnerability in react affects IBM Robotic Process Automation and may result in a denial of service (CVE-2024-45296).
Summary: A vulnerability in React affects IBM Robotic Process Automation and may result in a denial of service. React is used by IBM Robotic Process Automation as part of its UI Framework. This bulletin identifies the security fix to apply to address the vulnerability. Vulnerability Details...
Security Bulletin: IBM App Connect Enterprise is vulnerable to backtracking due to path-to-regexp (CVE-2024-52798)
Summary IBM App Connect Enterprise Connector Discovery and OpenAPI Editor and IBM App Connect Enterprise Discovery Connectors are vulnerable to backtracking due to path-to-regexp. Vulnerability Details CVEID:CVE-2024-52798 DESCRIPTION: path-to-regexp turns path strings into a regular expressions...
CVE-2025-0733
A vulnerability, which was classified as problematic, was found in Postman up to 11.20 on Windows. This affects an unknown part in the library profapi.dll. The manipulation leads to untrusted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...
CVE-2025-0733 Postman profapi.dll untrusted search path
A vulnerability, which was classified as problematic, was found in Postman up to 11.20 on Windows. This affects an unknown part in the library profapi.dll. The manipulation leads to untrusted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...
CVE-2025-0733
CVE-2025-0733 pertains to Postman (Windows) up to version 11.20, affecting an unspecified part of profapi.dll. The issue enables an untrusted search path via local access, with attack complexity described as high and exploitability deemed difficult. Public documentation notes a denial of a confir...
CVE-2025-0732 Discord profapi.dll untrusted search path
A vulnerability, which was classified as problematic, has been found in Discord up to 1.0.9177 on Windows. Affected by this issue is some unknown functionality in the library profapi.dll. The manipulation leads to untrusted search path. The attack needs to be approached locally. The complexity of...
CVE-2025-0732
CVE-2025-0732 affects Discord up to version 1.0.9177 on Windows. The issue concerns an unknown capability in the profapi.dll library that allows an untrusted search path to be exploited. Exploitation requires local access with high attack complexity and low privileges; user interaction is not req...
Regular expression Denial of Service - ReDoS
Description: A Regular Expression Denial of Service (ReDoS) vulnerability was identified in the Transformers library, specifically in the file tokenization_gpt_neox_japanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions...
CVE-2025-0625
A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. This affects an unknown part of the component Attachment Handler. The manipulation leads to improper control of resource identifiers. It is possible to initiate the attack remotely. The...