ROS-20250807-05

The vulnerability of the RESTEasy software tool is related to incorrect input data validation, leading to the return of an invalid header that is integrated into the server response. Exploitation of the vulnerability could Allow an attacker acting remotely to execute arbitrary code A vulnerabilit...

Huawei HarmonyOS和Huawei EMUI 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. An out-of-bounds access vulnerability exists in Huawei...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is Huawei's self-developed distributed operating system for all scenarios. Huawei HarmonyOS suffers from an out-of-bounds access vulnerability, which is due to insufficient data validation in the location services module, and can be exploited by an attacker to affect availability...

Huawei HarmonyOS和Huawei EMUI 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. An out-of-bounds access vulnerability exists in Huawei...

Huawei HarmonyOS和Huawei EMUI 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. An out-of-bounds access vulnerability exists in Huawei...

Huawei HarmonyOS和Huawei EMUI 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. A buffer overflow vulnerability exists in Huawei HarmonyO...

Huawei HarmonyOS和Huawei EMUI 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. A buffer overflow vulnerability exists in Huawei HarmonyO...

Huawei HarmonyOS和Huawei EMUI 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. Huawei HarmonyOS and EMUI are vulnerable to a buffer...

ROS-20250806-02

A vulnerability in the modauthopenidc module of the Apache HTTP Server HTTPD web server is related to insufficient user data validation when OIDCPreservePost is enabled in modauthopenidc. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

CVE-2025-48074

OpenEXR (v3.3.2) is vulnerable due to unvalidated dataWindow size values in file headers, causing excessive memory allocation and potential performance degradation or denial of service. The issue is fixed in v3.3.3; affected component is the OpenEXR EXR reader/writer code that processes header da...

ROS-20250731-01

Vulnerability in the implementation of OAuth request signing logic for Python OAuthLib is due to insufficient user data validation in urivalidate functions. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVE-2025-43267

An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6. An app may be able to access sensitive user data...

Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PR...

Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PR...

Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3D...

Apple macOS USD importNodeAnimations Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the USD...

Apple macOS USD importMeshes Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the USD library. T...

CVE-2025-38494 HID: core: do not bypass hid_hw_raw_request

In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hidhwrawrequest hidhwrawrequest is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the dell-wmi-sysman module not verifying the validity of a WMI data block, which could lead to invalid...

CVE-2025-7231

INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vulnerability in that the target must visit a...