ROS-20260505-73-0060

A vulnerability in the email module of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow a remote attacker to compromise the integrity of protected information...

EUVD-2020-19373

Malware in sbrugna...

CVE-2025-53077

An execution after redirect in Samsung DMSData Management Server allows attackers to execute limited functions without permissions. An attacker could compromise the integrity of the platform by executing this vulnerability...

CVE-2020-2887

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite component: Outcome-Result. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

SAP S4CORE 安全漏洞

SAP S4CORE is a Managed Procurement Contracts application from SAP, Germany. A security vulnerability exists in SAP S4CORE that originates from data tampering and could result in the modification of entity sets and compromise application integrity...

CVE-2024-47565

A vulnerability has been identified in SINEC Security Monitor All versions V4.9.0. The affected application does not properly validate that user input complies with a list of allowed values. This could allow an authenticated remote attacker to compromise the integrity of the configuration of the...

ROS-20240902-18

A vulnerability in the Flatpak application and environment management tool is related to improper Neutralization of special output elements used by a downstream component. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data and compromise its integrity...

CVE-2023-31310

CVE-2023-31310 concerns improper input validation in Power Management Firmware (PMFW). The known issue involves an attacker with privileges sending a malformed input to the set temperature input selection command, potentially leading to loss of integrity and/or availability. The PT-2024-12271 ent...

Microsoft Edge 安全漏洞

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A security feature bypass vulnerability exists in Microsoft Edge Chromium-based, which can be exploited by attackers to bypass security features and compromise integrity...

CVE-2022-46487

Improper initialization of x87 and SSE floating-point configuration registers in the sconeentry component of SCONE before 5.8.0 for Intel SGX allows a local attacker to compromise the execution integrity of floating-point operations in an enclave or access sensitive information via side-channel...

CVE-2023-49313

A dylib injection vulnerability in XMachOViewer 0.04 allows attackers to compromise integrity. By exploiting this, unauthorized code can be injected into the product's processes, potentially leading to remote control and unauthorized access to sensitive user data...

CVE-2023-49313

CVE-2023-49313 describes a dylib injection vulnerability in XMachOViewer 0.04 that allows unauthorized code to be injected into the product’s processes, potentially enabling remote control and access to sensitive user data. Root cause: dylib injection into XMachOViewer processes. Public entries f...

CVE-2023-49313

A dylib injection vulnerability in XMachOViewer 0.04 allows attackers to compromise integrity. By exploiting this, unauthorized code can be injected into the product's processes, potentially leading to remote control and unauthorized access to sensitive user data...

CVE-2023-38544

A logged in user can modify specific files that may lead to unauthorized changes in system-wide configuration settings. This vulnerability could be exploited to compromise the integrity and security of the network on the affected system...

CVE-2023-37490

SAP Business Objects Installer - versions 420, 430, allows an authenticated attacker within the network to overwrite an executable file created in a temporary directory during the installation process. On replacing this executable with a malicious file, an attacker can completely compromise the...

Design/Logic Flaw

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R6700v3 1.0.4.12010.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files...

CVE-2022-23455

Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files...

Input validation

NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components...

CVE-2022-42269

NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components...

HUAWEI HarmonyOS security module authorization issue vulnerability

HUAWEI HarmonyOS is an operating system from Huawei, China HUAWEI. HUAWEI HarmonyOS version 2.0 contains an authorization issue vulnerability that stems from an incorrect privilege assignment in the application security module, which could be exploited by an attacker to cause the device to...