812 matches found
Cisco Nexus Dashboard < 4.1(1g) Multiple Vulnerabilities (cisco-sa-nshs-urapi-gJuBVFpu)
According to its self-reported version, Cisco Nexus Dashboard is affected by multiple vulnerabilities. - A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to view...
CVE-2025-20347
A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device. This vulnerability exists because of...
PT-2025-34898 · Cisco · Cisco Nexus Dashboard +1
Name of the Vulnerable Software and Affected Versions: Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC affected versions not specified Description: A vulnerability exists in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC. Th...
Scam hunter scammed by tax office impersonators
The next time you shake your head at another online scam and vow that you'd never fall for it, remember that even the most tech-savvy people can sometimes slip up. A case in point: Julie-Anne Kearns. This self-made scam-hunter told her story to the Guardian last week, revealing how she had been...
Realistic Vulnerabilities of Decoy-State Quantum Key Distribution
We analyze realistic vulnerabilities of decoy-state quantum key distribution QKD arising from the combination of laser damage attack LDA and unambiguous state discrimination USD. While decoy-state QKD is designed to protect against photon-number-splitting and beam-splitting attacks by accurately...
The vulnerability of the ath11k_core_halt() function in the drivers/net/wireless/ath/ath11k/core.c kernel module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the ath11kcorehalt function in the drivers/net/wireless/ath/ath11k/core.c kernel module of the Linux operating system is related to damage to a node in the arvifs list due to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to cause a...
CVE-2025-24004
A physical attacker with access to the device display via USB-C can send a message to the device which triggers an unsecure copy to a buffer resulting in loss of integrity and a temporary denial-of-service for the stations until they got restarted by the watchdog...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the lack of an automatic downclocking mechanism for GPUs, which could lead to hardware overheating and damag...
CVE-2025-49157
A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a local attacker to escalation privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
SUSE CVE-2022-50221
In the Linux kernel, the following vulnerability has been resolved: drm/fb-helper: Fix out-of-bounds access Clip memory range to screen-buffer size to avoid out-of-bounds access in fbdev deferred I/O's damage handling. Fbdev's deferred I/O can only track pages. From the range of pages, the damage...
Advantech WISE 4060LAN / IoT Gateway Packet Injection
Remote attackers can execute Modbus commands to WISE-4060/LAN module and manipulate the DO channels. This could lead to unauthorized control of connected devices, such as turning systems on or off, causing disruptions or unsafe conditions. In industrial settings, the DO channels might control...
DEBIAN-CVE-2022-50221
In the Linux kernel, the following vulnerability has been resolved: drm/fb-helper: Fix out-of-bounds access Clip memory range to screen-buffer size to avoid out-of-bounds access in fbdev deferred I/O's damage handling. Fbdev's deferred I/O can only track pages. From the range of pages, the damage...
UBUNTU-CVE-2022-50221
In the Linux kernel, the following vulnerability has been resolved: drm/fb-helper: Fix out-of-bounds access Clip memory range to screen-buffer size to avoid out-of-bounds access in fbdev deferred I/O's damage handling. Fbdev's deferred I/O can only track pages. From the range of pages, the damage...
CVE-2022-50221 drm/fb-helper: Fix out-of-bounds access
In the Linux kernel, the following vulnerability has been resolved: drm/fb-helper: Fix out-of-bounds access Clip memory range to screen-buffer size to avoid out-of-bounds access in fbdev deferred I/O's damage handling. Fbdev's deferred I/O can only track pages. From the range of pages, the damage...
CVE-2025-49157
A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a local attacker to escalation privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
Trend Micro Apex One Damage Cleanup Engine 安全漏洞
Trend Micro Apex One Damage Cleanup Engine is a malware scanning engine from Trend Micro. A security vulnerability exists in Trend Micro Apex One Damage Cleanup Engine, which stems from a link following issue that could lead to local elevation of privilege...
Trend Micro Apex One Damage Cleanup Engine Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...
The vulnerability in the implementation of IOCTL commands in Qualcomm’s embedded software allows a hacker to damage memory.
The vulnerability of the IOCTL command implementation in Qualcomm’s embedded software lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to damage the memory...
The vulnerability of embedded Qualcomm microprogramming software, related to access control errors, allows attackers to damage memory.
The vulnerability of embedded Qualcomm software programs is related to access control errors. Exploiting this vulnerability can allow attackers to damage memory...
CVE-2025-32015 FreshRSS vulnerable to Cross-site Scripting by embedding <script> tag inside <iframe srcdoc>
FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, HTML is sanitized improperly inside the attribute, which leads to cross-site scripting XSS by loading an attacker's UserJS inside . In order to execute the attack, the attacker needs to control one of the victim's feeds and...