7999 matches found
Google Android Security Vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability, which is caused by a logic error in multiple locations. An attacker can exploit the vulnerability to potentially cause a local information leak...
Google Android elevation of privilege vulnerability (CNVD-2026-00036)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a logic error in the code at multiple locations. The vulnerability can be exploited by an attacker to gain elevated privileges on the...
Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays.
...
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.
...
Advisory ROSA-SA-2025-2954
Software: kernel 4.18.0; OS: ROSA Virtualization 2.1; unaffected versions = kernel-4.18.0-553.40.1.el810; affected versions kernel-4.18.0-553.40.1.el810; CVE-ID: CVE-2022-0847; BDU-ID: 2022-01166; CVE-Crit: HIGH; CVE-DESC.: A vulnerability in the copy_page_to_iter_pipe and push_pipe functions of the Linux...
Malicious code in @rbacore/errors (npm)
The package communicates with a domain associated with malicious activity.
MAL-2025-41918 Malicious code in @rbacore/errors (npm)
The package communicates with a domain associated with malicious activity.
Hidden Vulnerabilities of Project Management Tools & How FluentPro Backup Secures Them
Every day, businesses, teams, and project managers trust platforms like Trello, Asana, etc., to collaborate and manage tasks. But what happens when that trust is broken? According to a recent report by Statista, the average cost of a data breach worldwide was about $4.88 million. Also, in 2024, t...
IBM Security Verify Governance Identity Manager Security Vulnerability
IBM Security Verify Governance Identity Manager is IBM's identity governance and management solution for centralized management of enterprise user identities and access rights. An information disclosure vulnerability exists in IBM Security Verify Governance Identity Manager 10.0.2, which stems fr...
Google Android elevation of privilege vulnerability (CNVD-2025-19982)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a logic error in the code at multiple locations. The vulnerability can be exploited by an attacker to gain elevated privileges on the system...
Insertion of Sensitive Information into Log File
Overview: Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the process of logging error details during SQL query execution. An attacker can obtain sensitive information by intentionally causing SQL errors and subsequently accessing the log...
traQ Allows Insertion of Sensitive Information into Log File
Impact: A vulnerability exists where sensitive information, such as OAuth tokens, is recorded in log files when an error occurs during the execution of an SQL query. An attacker could intentionally trigger an SQL error by methods such as placing a high load on the database. This could allow an...
CVE-2025-57813
traQ is a messenger application built for Digital Creators Club traP. Prior to version 3.25.0, a vulnerability exists where sensitive information, such as OAuth tokens, is recorded in log files when an error occurs during the execution of an SQL query. An attacker could intentionally trigger an...
CVE-2025-57813 Insertion of Sensitive Information into Log File in github.com/traPtitech/traQ
traQ is a messenger application built for Digital Creators Club traP. Prior to version 3.25.0, a vulnerability exists where sensitive information, such as OAuth tokens, is recorded in log files when an error occurs during the execution of an SQL query. An attacker could intentionally trigger an...
Google Android Security Vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a logic error in the code at multiple locations. The vulnerability can be exploited by an attacker to gain elevated privileges on the system...
WhatWeb Scanner 0.6.2
WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different...
PT-2025-49072
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw on nios2 systems where the memblock.current_limit is not properly initialized when CONFIG_FLATMEM is enabled. This can lead to max_low_pfn exceeding the...
Linux Distros Unpatched Vulnerability : CVE-2016-9852
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display...
Linux Distros Unpatched Vulnerability : CVE-2019-8425
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages. CVE-2019-8425 Note that Nessus relies on the presence of the...