19181 matches found
CVE-2025-62721 LinkAce: Authorization Bypass Allows Unauthorized Access to All Private Links, Lists, and Tags
LinkAce is a self-hosted archive to collect website links. In versions 2.3.1 and below, authenticated RSS feed endpoints in the FeedController class fail to implement proper authorization checks, allowing any authenticated user to access all links, lists, and tags from all users in the system,...
CVE-2025-62720
CVE-2025-62720 affects the LinkAce self-hosted archive. The vulnerability lies in the ExportController HTML/CSV export paths, which retrieve all links without applying ownership or visibility filtering, enabling any authenticated user to exfiltrate private links from all users. Affected versions ...
CVE-2025-12623
A vulnerability was identified in fushengqian fuint up to 41e26be8a2c609413a0feaa69bdad33a71ae8032. Affected by this issue is some unknown functionality of the file fuint-application/src/main/java/com/fuint/module/clientApi/controller/ClientSignController.java of the component Authentication Toke...
CVE-2025-47370 Reachable Assertion in BT Controller
Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan...
CVE-2025-47370
Technical details, affected product/versions, root cause, and fixes for CVE-2025-47370 are not publicly provided in the supplied documents. Monitor for updates from vendors/security bulletins.
LinkAce 访问控制错误漏洞
LinkAce is a self-hosted archive of links to your favorite websites by Kevin Woblick Individual Developer. An Access Control Error vulnerability exists in LinkAce 2.3.1 and prior versions, which stems from the HTML and CSV export functionality in the ExportController class not applying ownership ...
PT-2025-44933
Name of the Vulnerable Software and Affected Versions Bluetooth affected versions not specified Description A temporary denial-of-service condition can occur when a remote device sends an invalid connection request during a Bluetooth Low Energy LE connectable scan. This issue is related to an...
PT-2025-44971
Name of the Vulnerable Software and Affected Versions Linksys Wireless Network Controller Driver affected versions not specified Description The wlan AP driver contains a potential out-of-bounds write issue stemming from an incorrect bounds check. Successful exploitation could allow a malicious...
PT-2025-49093
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where an invalid memory access can occur in the cros ec keyb process function when receiving an EC MKBP EVENT KEY MATRIX event. This happens if cros ec...
EUVD-2025-37478
A vulnerability was identified in fushengqian fuint up to 41e26be8a2c609413a0feaa69bdad33a71ae8032. Affected by this issue is some unknown functionality of the file fuint-application/src/main/java/com/fuint/module/clientApi/controller/ClientSignController.java of the component Authentication Toke...
CVE-2025-12623 fushengqian fuint Authentication Token ClientSignController.java authorization
A vulnerability was identified in fushengqian fuint up to 41e26be8a2c609413a0feaa69bdad33a71ae8032. Affected by this issue is some unknown functionality of the file fuint-application/src/main/java/com/fuint/module/clientApi/controller/ClientSignController.java of the component Authentication Toke...
fuint 安全漏洞
fuint is an all-in-one system for store cashier, online loyalty center, and marketing by zach personal developer. A security vulnerability exists in fuint, which originates from a flaw in the authentication token processing component in file...
CVE-2025-61724 vulnerabilities
Vulnerabilities for packages: mesosphere-vsphere-csi, container-object-storage-interface, etcd, go-licenses, ini-file, skaffold, sops, node-problem-detector, nova, azurefile-csi, gops, terraform, pvc-autoresizer, spire-controller-manager, cloud-provider-gcp-cloud-controller-manager, speedtest-go,...
CVE-2025-61723 vulnerabilities
Vulnerabilities for packages: mesosphere-vsphere-csi, container-object-storage-interface, etcd, go-licenses, ini-file, skaffold, sops, node-problem-detector, nova, azurefile-csi, gops, terraform, pvc-autoresizer, spire-controller-manager, cloud-provider-gcp-cloud-controller-manager, speedtest-go,...
CVE-2025-58187 vulnerabilities
Vulnerabilities for packages: coredns, container-object-storage-interface, etcd, terraform, gke-gcloud-auth-plugin, ko, falco-no-driver, elvish, kuberlr, prometheus-blackbox-exporter, cloud-provider-azure, cosign, velero, protoc-gen-go-grpc, wgcf, ipfs-cluster, direnv, harbor, pulumi-language-jav...
GHSA-9GCR-GP5F-JW27 vulnerabilities
Vulnerabilities for packages: mesosphere-vsphere-csi, container-object-storage-interface, etcd, go-licenses, ini-file, skaffold, sops, node-problem-detector, nova, azurefile-csi, gops, terraform, pvc-autoresizer, spire-controller-manager, cloud-provider-gcp-cloud-controller-manager, speedtest-go,...
GHSA-HJX7-FPXX-MJ48 vulnerabilities
Vulnerabilities for packages: mesosphere-vsphere-csi, container-object-storage-interface, etcd, go-licenses, ini-file, skaffold, sops, node-problem-detector, nova, azurefile-csi, gops, terraform, pvc-autoresizer, spire-controller-manager, cloud-provider-gcp-cloud-controller-manager, speedtest-go,...
GHSA-WCW9-47FP-RRFR vulnerabilities
Vulnerabilities for packages: mesosphere-vsphere-csi, container-object-storage-interface, etcd, go-licenses, ini-file, skaffold, sops, node-problem-detector, nova, azurefile-csi, gops, terraform, pvc-autoresizer, spire-controller-manager, cloud-provider-gcp-cloud-controller-manager, speedtest-go,...
GHSA-RJCG-56PH-3QVG vulnerabilities
Vulnerabilities for packages: mesosphere-vsphere-csi, container-object-storage-interface, etcd, go-licenses, ini-file, skaffold, sops, node-problem-detector, nova, azurefile-csi, gops, terraform, pvc-autoresizer, spire-controller-manager, cloud-provider-gcp-cloud-controller-manager, speedtest-go,...
GHSA-QH38-484V-W52X vulnerabilities
Vulnerabilities for packages: container-object-storage-interface, etcd, go-licenses, ini-file, skaffold, sops, node-problem-detector, nova, azurefile-csi, gops, terraform, pvc-autoresizer, spire-controller-manager, cloud-provider-gcp-cloud-controller-manager, speedtest-go, gke-gcloud-auth-plugin,...