103 matches found
CVE-2025-58295
Buffer overflow vulnerability in the development framework module. Successful exploitation of this vulnerability may affect availability...
PT-2025-41657
Name of the Vulnerable Software and Affected Versions: Development framework module (affected versions not specified). Description: A buffer overflow issue exists within the development framework module. Exploitation of this issue could impact system availability. Recommendations: At the moment, there ...
EUVD-2024-53859
Malicious code in bioql PyPI...
CVE-2025-55211
FreePBX is an open-source web-based graphical user interface. From 17.0.19.11 to before 17.0.21, authenticated users of the Administrator Control Panel (ACP) can run arbitrary shell commands by maliciously changing languages of the framework module. This vulnerability is fixed in 17.0.21...
CVE-2025-55211 FreePBX Post-Authenticated Command Injection
FreePBX is an open-source web-based graphical user interface. From 17.0.19.11 to before 17.0.21, authenticated users of the Administrator Control Panel (ACP) can run arbitrary shell commands by maliciously changing languages of the framework module. This vulnerability is fixed in 17.0.21...
PT-2025-37763
Name of the Vulnerable Software and Affected Versions: FreePBX versions 17.0.19.11 through 17.0.20. Description: FreePBX is a web-based graphical user interface. Authenticated users of the Administrator Control Panel (ACP) can execute arbitrary shell commands by manipulating the framework module's...
Huawei HarmonyOS dms_fwk module stack buffer overflow vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A stack buffer overflow vulnerability exists in the Huawei HarmonyOS dmsfwk module, which can be exploited by an attacker to cause code execution...
CVE-2025-54617
Stack-based buffer overflow vulnerability in the dmsfwk module. Impact: Successful exploitation of this vulnerability can cause RCE...
CVE-2025-53186
Vulnerability that allows third-party call apps to send broadcasts without verification in the audio framework module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-55922
TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstrea...
CVE-2022-41586
The communication framework module has a vulnerability of not truncating data properly. Successful exploitation of this vulnerability may affect data confidentiality...
Huawei HarmonyOS UI Framework Module Log Message Improper Control Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An improperly controlled log message vulnerability exists in the Huawei HarmonyOS UI framework module, which can be exploited by an attacker to compromise...
CVE-2024-57957
Vulnerability of improper log information control in the UI framework module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2024-55922
CVE-2024-55922 is a CSRF vulnerability in TYPO3’s backend UI deep-link functionality affecting the Form Framework Module. The issue allows an attacker to manipulate or delete persisted form definitions when a victim with an active backend session is deceived into visiting a malicious URL. Conditi...
CVE-2024-55922 Cross-Site Request Forgery in Form Framework Module in TYPO3
TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstrea...
TYPO3 Form Framework Module vulnerable to Cross-Site Request Forgery
Problem: A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP...
PT-2025-3150 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 11.5.42 ELTS; TYPO3 versions prior to 12.4.25 LTS; TYPO3 versions prior to 13.4.3 LTS. Description: A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptibl...
CVE-2024-56437
Vulnerability of input parameters not being verified in the widget framework module. Impact: Successful exploitation of this vulnerability may affect availability...