6 matches found
Google Android suffers from unspecified vulnerability (CNVD-2026-14648)
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which stems from improper input validation of the loadDescription function in DeviceAdminInfo.java, and can be exploited by an attacker to cause a local elevation of...
WorkDo HRMGo 跨站脚本漏洞
WorkDo HRMGo is a human resource management platform from WorkDo Inc. in the United States. WorkDo HRMGo suffers from a cross-site scripting vulnerability that stems from insufficient validation of user input for the subject and description parameters when sending a POST request to /store-ticket,...
CVE-2025-15013 floooh sokol sokol_gfx.h _sg_validate_pipeline_desc stack-based overflow
A vulnerability was identified in floooh sokol up to 5d11344150973f15e16d3ec4ee7550a73fb995e0. The impacted element is the function sgvalidatepipelinedesc in the library sokolgfx.h. Such manipulation leads to stack-based buffer overflow. The attack must be carried out locally. The exploit is...
EUVD-2025-124924
In the Linux kernel, the following vulnerability has been resolved: xsk: Harden userspace-supplied xdpdesc validation Turned out certain clearly invalid values passed in xdpdesc from userspace can pass xp,unalignedvalidatedesc and then lead to UBs or just invalid frames to be queued for xmit...
CVE-2024-34067 Multiple cross site scripting (XSS) vulnerabilities in the admin area of Pterodactyl panel
Pterodactyl is a free, open-source game server management panel built with PHP, React, and Go. Importing a malicious egg or gaining access to wings instance could lead to cross site scripting XSS on the panel, which could be used to gain an administrator account on the panel. Specifically, the...
CVE-2022-2592
Removed by vendor...