CVE-2025-48624

CVE-2025-48624 is a local privilege-escalation vulnerability in the Linux kernel's ARM SMMU v3 driver (arm-smmu-v3.c) caused by improper input validation, leading to an out-of-bounds write in multiple functions. The issue could allow local escalation with no extra privileges and does not require ...

CVE-2025-48525

In disassociate of DisassociationProcessor.java, there is a possible way for an app to continue reading notifications when not associated to a companion device due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User...

CVE-2025-48525

In disassociate of DisassociationProcessor.java, there is a possible way for an app to continue reading notifications when not associated to a companion device due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User...

CVE-2025-22432

In notifyTimeout of CallRedirectionProcessor.java, there is a possible persistent connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-26489

The CVE-2025-26489 entry concerns Infinera MTC-9, where the Netconf service suffers from improper input validation. The root cause is input validation flaws in the Netconf interface, allowing remote authenticated users to crash the service and reboot the appliance, causing a DoS. Affected version...

CVE-2025-26488 Improper input validation in XML Management service in Infinera MTC-9

Improper Input Validation vulnerability in Infinera MTC-9 allows remote unauthenticated users to crash the service and cause a reboot of the appliance, thus causing a DoS condition, via crafted XML payloads.This issue affects MTC-9: from R22.1.1.0275 before R23.0...

EUVD-2025-201683

Improper Input Validation vulnerability in Infinera MTC-9 allows remote unauthenticated users to crash the service and cause a reboot of the appliance, thus causing a DoS condition, via crafted XML payloads.This issue affects MTC-9: from R22.1.1.0275 before R23.0...

IBM Cognos Controller和IBM Controller 安全漏洞

IBM Cognos Controller and IBM Controller are both products of International Business Machines IBM.IBM Cognos Controller is a business intelligence and planning solution. The product features process automation, financial audit control, and the creation and management of financial reports.IBM...

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from Google, Inc. in the United States. Google Android suffers from a buffer error vulnerability that stems from improper input validation and could lead to local elevation of privilege...

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from Google, Inc. in the United States. Google Android suffers from a buffer error vulnerability that stems from improper input validation and could lead to local elevation of privilege...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in Google Android that stems from improper input validation, which could lead to local elevation of privilege and background activity initiation...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in Google Android that stems from improper input validation and could lead to local elevation of privilege...

Improper Validation of Specified Quantity in Input

Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input n the EVBufferToJson function in the HTTP server component. An...

CVE-2025-33211

NVIDIA Triton Server for Linux contains a vulnerability where an attacker may cause an improper validation of specified quantity in input. A successful exploit of this vulnerability may lead to denial of service...

CVE-2025-20389 Improper Input Validation in "label" column field in Splunk Secure Gateway App

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and versions below 3.9.10, 3.8.58 and 3.7.28 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the...

CVE-2025-20389 Improper Input Validation in "label" column field in Splunk Secure Gateway App

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and versions below 3.9.10, 3.8.58 and 3.7.28 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the...

CVE-2025-7044

An Improper Input Validation vulnerability exists in the user websocket handler of MAAS. An authenticated, unprivileged attacker can intercept a user.update websocket request and inject the issuperuser property set to true. The server improperly validates this input, allowing the attacker to...

CVE-2025-7044

An Improper Input Validation vulnerability exists in the user websocket handler of MAAS. An authenticated, unprivileged attacker can intercept a user.update websocket request and inject the issuperuser property set to true. The server improperly validates this input, allowing the attacker to...

CVE-2025-58475

Improper input validation in libsec-ril.so prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...

CVE-2025-11131

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed...