CVE-2021-0904

In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06076938; Issue ID: ALPS06076938...

EUVD-2025-23381

Malicious code in bioql PyPI...

EUVD-2022-25310

Malicious code in bioql PyPI...

EUVD-2022-26932

Malicious code in bioql PyPI...

EUVD-2022-26918

Malicious code in bioql PyPI...

EUVD-2025-16978

Malicious code in bioql PyPI...

EUVD-2022-26931

Malicious code in bioql PyPI...

EUVD-2023-24918

Malicious code in bioql PyPI...

EUVD-2024-17727

Malicious code in bioql PyPI...

EUVD-2022-25298

Malicious code in bioql PyPI...

EUVD-2023-46896

Malicious code in bioql PyPI...

CVE-2025-7785

A vulnerability classified as problematic was found in thinkgem JeeSite up to 5.12.0. This vulnerability affects the function sso of the file src/main/java/com/jeesite/modules/sys/web/SsoController.java. The manipulation of the argument redirect leads to open redirect. The attack can be initiated...

CVE-2025-53632

CVE-2025-53632 affects Chall-Manager and describes a path traversal (zip slip) vulnerability during the decoding/extraction of a scenario archive. The root cause is that the target path for extracted files is not checked, enabling arbitrary file writes and potential impact on integrity and availa...

CVE-2025-53632 Chall-Manager's scenario decoding process does not check for zip slips

Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario i.e. a zip archive, the path of the file to write is not checked, potentially leading to zip slips. Exploitation does not require authentication nor authorization, so anyone can...

CVE-2025-20692

CVE-2025-20692 affects the WLAN AP driver, with an out-of-bounds read caused by an incorrect bounds check. This leads to local information disclosure under user-mode privileges, with no user interaction required. The vulnerability is tracked in Red Hat as CVE-2025-20692 (patch: WCNCR00418040; MSV...

CVE-2025-5520

A vulnerability was found in Open5GS up to 2.7.3. It has been classified as problematic. Affected is the function gmmstateauthentication/emmstateauthentication of the component AMF/MME. The manipulation leads to reachable assertion. It is possible to launch the attack remotely. The exploit has be...

CVE-2025-46570

The CVE-2025-46570 entry concerns vLLM (inference/serving engine). The concrete detail across connected records shows a vulnerability in the PageAttention-based prefill path: when a new prompt is processed, a matching prefix chunk can accelerate prefill, creating timing differences (TTFT) that co...

CVE-2024-20034

In battery, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08488849; Issue ID: ALPS08488849...

CVE-2024-20021

In atf spm, there is a possible way to remap physical memory to virtual memory due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08584568; Issue ID: MSV-1249...

CVE-2022-32620

In mpu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07541753; Issue ID: ALPS07541753...