345 matches found
CVE-2025-48370
CVE-2025-48370 affects the auth-js library (Supabase Auth). Before 2.69.1, functions getUserById, deleteUser, updateUserById, listFactors and deleteFactor did not require UUIDs for user-controlled inputs, enabling potential URL path traversal and invocation of the wrong API function. The issue ta...
CVE-2024-8936
CWE-20: Improper Input Validation vulnerability exists that could lead to loss of confidentiality of controller memory after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call used to tamper with memory...
CVE-2024-8937
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in the...
CVE-2023-47456
Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub455D4, called by function fromSetWirelessRepeat...
CVE-2022-44315
PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionAssign function in expression.c when called from ExpressionParseFunctionCall...
CVE-2020-23546
IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981...
CVE-2011-3350
masqmail 0.2.21 through 0.2.30 improperly calls seteuid in src/log.c and src/masqmail.c that results in improper privilege dropping...
CVE-2025-47691 WordPress Ultimate Member plugin <= 2.10.3 - Arbitrary Function Call vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Ultimate Member Ultimate Member allows Code Injection. This issue affects Ultimate Member: from n/a through 2.10.3...
CVE-2025-47691 WordPress Ultimate Member plugin <= 2.10.3 - Arbitrary Function Call vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Ultimate Member Ultimate Member ultimate-member allows Code Injection. This issue affects Ultimate Member: from n/a through <= 2.10.3...
SUSE CVE-2022-49837
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in __check_func_call kmemleak reports this issue: unreferenced object 0xffff88817139d000 size 2048: comm "testprogs", pid 33246, jiffies 4307381979 age 45851.820s hex dump first 32 bytes: 01 00 00 00 00 00 00 00...
CVE-2022-49837
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in __check_func_call kmemleak reports this issue: unreferenced object 0xffff88817139d000 size 2048: comm "testprogs", pid 33246, jiffies 4307381979 age 45851.820s hex dump first 32 bytes: 01 00 00 00 00 00 00 00...
DEBIAN-CVE-2022-49837
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in __check_func_call kmemleak reports this issue: unreferenced object 0xffff88817139d000 size 2048: comm "testprogs", pid 33246, jiffies 4307381979 age 45851.820s hex dump first 32 bytes: 01 00 00 00 00 00 00 00...
UBUNTU-CVE-2022-49837
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in __check_func_call kmemleak reports this issue: unreferenced object 0xffff88817139d000 size 2048: comm "testprogs", pid 33246, jiffies 4307381979 age 45851.820s hex dump first 32 bytes: 01 00 00 00 00 00 00 00...
CVE-2022-49837
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in __check_func_call kmemleak reports this issue: unreferenced object 0xffff88817139d000 size 2048: comm "testprogs", pid 33246, jiffies 4307381979 age 45851.820s hex dump first 32 bytes: 01 00 00 00 00 00 00 00...
CVE-2022-49837 bpf: Fix memory leaks in __check_func_call
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in __check_func_call kmemleak reports this issue: unreferenced object 0xffff88817139d000 size 2048: comm "testprogs", pid 33246, jiffies 4307381979 age 45851.820s hex dump first 32 bytes: 01 00 00 00 00 00 00 00...
FCGHunter: Towards Evaluating Robustness of Graph-Based Android Malware Detection
Graph-based detection methods leveraging Function Call Graphs (FCGs) have shown promise for Android malware detection (AMD) due to their semantic insights. However, the deployment of malware detectors in dynamic and hostile environments raises significant concerns about their robustness. While recent...
SAP NetWeaver AS ABAP Access Control (3554667)
The remote SAP NetWeaver ABAP server may be affected by an access control vulnerability. In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials fo...
CVE-2025-23186
In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely...
CVE-2025-23186 Mixed Dynamic RFC Destination vulnerability through Remote Function Call (RFC) in SAP NetWeaver Application Server ABAP
In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely...
CVE-2025-23186
CVE-2025-23186 affects SAP NetWeaver Application Server ABAP. An authenticated attacker can craft an RFC request to restricted destinations, exposing credentials for a remote service and potentially fully compromising that remote service. Root cause cited in sources is improper access control aro...