CVE-2025-14006

A security vulnerability has been detected in dayrui XunRuiCMS up to 4.7.1. Affected by this issue is some unknown functionality of the file /admind45f74adbd95.php?c=field=add=site=1=1 of the component Add Data Validation Page. The manipulation of the argument dataname leads to cross site...

abrt security update

2.10.9-25.0.1 - Replaces sosreport to sos report in sosreport-event.conf Orabug: 38590929 - abrt-dump-oops-Fix-vmcore-call-trace-parsing-arm Orabug: 34184473 - Disable autoreporting on Oracle Linux Orabug: 32890748 - Add orabug32082455-Upstreamreferenceinpython3-abrt-addon.patch Orabug: 32082455 ...

EUVD-2025-201188

A security vulnerability has been detected in dayrui XunRuiCMS up to 4.7.1. Affected by this issue is some unknown functionality of the file /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=1 of the component Add Data Validation Page. The manipulation of the argument dataname leads to...

CVE-2025-14006

A security vulnerability has been detected in dayrui XunRuiCMS up to 4.7.1. Affected by this issue is some unknown functionality of the file /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=1 of the component Add Data Validation Page. The manipulation of the argument dataname leads to...

CVE-2025-14006 dayrui XunRuiCMS Add Data Validation admind45f74adbd95.php cross site scripting

A security vulnerability has been detected in dayrui XunRuiCMS up to 4.7.1. Affected by this issue is some unknown functionality of the file /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=1 of the component Add Data Validation Page. The manipulation of the argument dataname leads to...

CVE-2025-14006

CVE-2025-14006 affects dayrui XunRuiCMS up to version 4.7.1. The vulnerability lies in the file /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=1, where manipulating the argument data[name] enables cross-site scripting. The issue is exploitable remotely and the public exploit has been ...

PT-2025-49028

Name of the Vulnerable Software and Affected Versions dayrui XunRuiCMS versions up to 4.7.1 Description A security issue exists in dayrui XunRuiCMS. The issue is related to cross site scripting, potentially allowing remote attacks. The manipulation of the dataname argument in the file...

gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

A heap-based buffer overflow vulnerability was discovered in GIMP’s DICOM DCM file parser. The flaw occurs because the application fails to properly validate the length of user-supplied data before copying it to a heap buffer. This can lead to arbitrary code execution when a user opens a speciall...

Interpretation Conflict

Overview node-forge is a JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities. Affected versions of this package are vulnerable to Interpretation Conflict via the asn1.validate function. An attacker can cause schema validation to...

(0Day) Digilent DASYLab DSB File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Digilent DASYLab. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DS...

Adobe USD-Fileformat-plugins Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe USD-Fileformat-plugins. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within t...

[SECURITY] Fedora 43 Update: python-pydantic-2.12.4-1.fc43

Data validation and settings management using python type hinting...

[SECURITY] Fedora 43 Update: python-pydantic-2.12.3-1.fc43

Data validation and settings management using python type hinting...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990195)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990195 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check In 'cfg80211wextsiwscan', add extra check...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989502)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989502 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: emux: improve patch ioctl data validation In loaddata, make the validation of and skipping...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989712)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989712 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check In 'cfg80211wextsiwscan', add extra check...

CVE-2025-10920

GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...

net: nfc: nci: Add parameter validation for packet data

...

SUSE CVE-2025-40043

In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Add parameter validation for packet data Syzbot reported an uninitialized value bug in nciinitreq, which was introduced by commit 5aca7966d2a7 "Merge tag 'perf-tools-fixes-for-v6.17-2025-09-16' of...

CVE-2025-40043

Publicly available connected documents do not include concrete technical details for CVE-2025-40043 beyond the initial description; monitor for updates as new information may emerge.