CVE-2025-14625 Quartus® Prime Standard and Quartus® Prime Lite Security Advisory

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard on Windows Nios II Command Shell modules, Altera Quartus Prime Lite on Windows Nios II Command Shell modules allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 19.1 through 24.1; Quartus Pri...

CVE-2025-14605 Quartus Prime Pro Edition Advisory

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows System Console modules allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 17.0 through 25.1.1...

CVE-2025-14605 Quartus Prime Pro Edition Advisory

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows System Console modules allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 17.0 through 25.1.1...

PT-2026-1545

Name of the Vulnerable Software and Affected Versions versions prior to 2025-47395 Description A temporary denial-of-service DoS condition can occur during the processing of a Wireless Local Area Network WLAN management frame that includes a Vendor Specific Information Element. Recommendations At...

PT-2026-1512

Name of the Vulnerable Software and Affected Versions Altera Quartus Prime Pro versions 24.1 through 24.3.1 Description An uncontrolled search path element issue exists in the Altera Quartus Prime Pro Installer SFX on Windows, allowing for search order hijacking. Recommendations Versions 24.1...

CVE-2025-67268

gpsd contains a heap-based out-of-bounds write in drivers/driver_nmea2000.c (PGN 129540 handling). The hnd_129540 function validates the satellite count against a 184-element skyview array, but an input satellite count up to 255 can overflow the array, causing memory corruption, DoS, and potentia...

Directory Traversal

Overview chainlit is a Build Conversational AI. Affected versions of this package are vulnerable to Directory Traversal via the updatethreadelement and deletethreadelement handlers in backend/chainlit/server.py. An authenticated attacker can read arbitrary files from the server by sending a craft...

CVE-2025-15372

A weakness has been identified in youlaitech vue3-element-admin up to 3.4.0. This issue affects some unknown processing of the file src/views/system/notice/index.vue of the component Notice Handler. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The...

PT-2026-27698

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the netfilter module related to the validation of open intervals within nft set rbtree. Specifically, the issue arises from the lack of a defined end...

PT-2026-26577

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter nf tables component where set-nelems is unconditionally incremented before insertion. If the set is full, a new element is published and subsequently...

PT-2026-25791

Name of the Vulnerable Software and Affected Versions Expat affected versions not specified Description The Expat parser, when used with a registered ElementDeclHandler, is susceptible to a C stack overflow when processing an inline document type definition with a deeply nested content model. Thi...

CVE-2025-15372

A weakness has been identified in youlaitech vue3-element-admin up to 3.4.0. This issue affects some unknown processing of the file src/views/system/notice/index.vue of the component Notice Handler. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2025-15372

A weakness has been identified in youlaitech vue3-element-admin up to 3.4.0. This issue affects some unknown processing of the file src/views/system/notice/index.vue of the component Notice Handler. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2025-15372 youlaitech vue3-element-admin Notice index.vue cross site scripting

A weakness has been identified in youlaitech vue3-element-admin up to 3.4.0. This issue affects some unknown processing of the file src/views/system/notice/index.vue of the component Notice Handler. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2025-15372 youlaitech vue3-element-admin Notice index.vue cross site scripting

A weakness has been identified in youlaitech vue3-element-admin up to 3.4.0. This issue affects some unknown processing of the file src/views/system/notice/index.vue of the component Notice Handler. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2025-15372

The vulnerability is in youlaitech Vue3 Element Admin up to 3.4.0, affecting the Notice Handler component (src/views/system/notice/index.vue). The issue enables cross-site scripting due to unspecified input handling, with remote exploitation possible and a public PoC available. Multiple sources r...

PT-2025-54270

A weakness has been identified in youlaitech vue3-element-admin up to 3.4.0. This issue affects some unknown processing of the file src/views/system/notice/index.vue of the component Notice Handler. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992947)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992947 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize getbytesperelement's default to 1 Variables, used as denominators and...

vue3-element-admin 安全漏洞

vue3-element-admin is a backend administration front-end template open-sourced by the Yurai Open Source Organization. A security vulnerability exists in vue3-element-admin version 3.4.0 and earlier, which stems from an incorrect operation of the file src/views/system/notice/index.vue, which could...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992837)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992837 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix buffer overflow in elem comparison For vendor elements, the code here assumes...