213 matches found
CVE-2026-1675
The Advanced Country Blocker plugin for WordPress is vulnerable to Authorization Bypass in all versions up to, and including, 2.3.1 due to the use of a predictable default value for the secret bypass key created during installation without requiring users to change it. This makes it possible for...
CVE-2019-2120
In OatFileAssistant::GenerateOatFile of oatfileassistant.cc, there is a possible file corruption issue due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2024-34734
In onForegroundServiceButtonClicked of FooterActionsViewModel.kt, there is a possible way to disable the active VPN app from the lockscreen due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an improperly set default value when creating a CQ in mlx5, which could lead to a null pointer exception...
CVE-2025-48629
In findAvailRecognizer of VoiceInteractionManagerService.java, there is a possible way to become the default speech recognizer app due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48629
In findAvailRecognizer of VoiceInteractionManagerService.java, there is a possible way to become the default speech recognizer app due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48629
In findAvailRecognizer of VoiceInteractionManagerService.java, there is a possible way to become the default speech recognizer app due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48629
In findAvailRecognizer of VoiceInteractionManagerService.java, there is a possible way to become the default speech recognizer app due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48629
CVE-2025-48629 affects the Android framework component in which the insecure default for the default speech recognizer app can be exploited via the VoiceInteractionManagerService.findAvailRecognizer. The root cause is an insecure default value in this method, enabling local privilege escalation w...
ASB-A-352518318
In findAvailRecognizer of VoiceInteractionManagerService.java, there is a possible way to become the default speech recognizer app due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
SUSE CVE-2025-40154
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcrrt5640 driver only shows an error message but leaves as is. This may lead to unepxected results like OOB...
CVE-2025-40154
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcrrt5640 driver only shows an error message but leaves as is. This may lead to unepxected results like OOB...
EUVD-2025-124929
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcrrt5640 driver only shows an error message but leaves as is. This may lead to unepxected results like OOB...
CVE-2025-40121
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5651: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcrrt5640 driver just ignores and leaves as is, which may lead to unepxected results like OOB access. This...
UBUNTU-CVE-2025-40154
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcrrt5640 driver only shows an error message but leaves as is. This may lead to unepxected results like OOB...
CVE-2025-40154 ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcrrt5640 driver only shows an error message but leaves as is. This may lead to unepxected results like OOB...
CVE-2025-40154 ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcrrt5640 driver only shows an error message but leaves as is. This may lead to unepxected results like OOB...
CVE-2025-40121
CVE-2025-40121 affects the Linux kernel ASoC Intel bytcr_rt5651 driver. The issue arises when an invalid value is passed to the quirk option, previously causing the bytcr_rt5651/bytcr_rt5640 path to ignore the invalid input and proceed with potentially unsafe mappings. The patch adds a sanity che...
CVE-2025-40121 ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5651: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcrrt5640 driver just ignores and leaves as is, which may lead to unepxected results like OOB access. This...
Linux Distros Unpatched Vulnerability : CVE-2025-40154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: Intel: bytcrrt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcrrt5640 driver only shows an error...