CVE-2025-9437 Rockwell Automation ArmorStart® AOP Denial-of-Service Vulnerability

A security issue exists within the Studio 5000 Logix Designer add-on profile AOP for the ArmorStart Classic distributed motor controller, resulting in denial-of-service. This vulnerability is possible due to the input of invalid values into Component Object Model COM methods...

PT-2025-41893

Name of the Vulnerable Software and Affected Versions Studio 5000 Logix Designer affected versions not specified Description A security issue exists that can lead to a denial-of-service condition. This is caused by providing invalid values to Component Object Model COM methods. The vulnerability...

Important: libnvfatbin-13-0

Issue Overview: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service. CVE-2025-23248 NVIDIA...

Important: cuda-nsight-systems-13-0

Issue Overview: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service. CVE-2025-23248 NVIDIA...

AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23554)

AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...

AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23546)

AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the...

AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23545)

AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...

CVE-2025-27060

Memory corruption while performing SCM call with malformed inputs...

CVE-2025-61773

pyLoad (pre-0.5.0b3.dev91) web UI input validation is insufficient in the Captcha script endpoint and the Click'N'Load (CNL) blueprint, allowing untrusted input to be processed unsafely and enabling client-side code execution (XSS) or other unintended behavior. A patch exists in version 0.5.0b3.d...

CVE-2025-27060

Memory corruption while performing SCM call with malformed inputs...

CVE-2025-27060 Untrusted Pointer Dereference in TZ Firmware

Memory corruption while performing SCM call with malformed inputs...

EUVD-2025-33240

Memory corruption while performing SCM call with malformed inputs...

PT-2025-41345

Name of the Vulnerable Software and Affected Versions Versions prior to 2.3 Description A memory corruption issue exists when processing System Configuration Manager SCM calls with improperly formed inputs. This can lead to unpredictable behavior or potential compromise of the system...

SUSE CVE-2025-61723

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the elfx8664relocatesection function. An attacker can cause a heap-based buffer overflow by providing specially crafted input files during the linking process. Remediation A fix was pushed into the master...

CVE-2025-11494

A vulnerability was found in GNU Binutils 2.45. Impacted is the function bfdx86elflatesizesections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Th...

CVE-2025-11495

A vulnerability was determined in GNU Binutils 2.45. The affected element is the function elfx8664relocatesection of the file elf64-x86-64.c of the component Linker. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclos...

CVE-2025-11414

A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function getlinkhashentry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and...

CVE-2025-11412

A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfdelfgcrecordvtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and...

CVE-2025-11413

A vulnerability was found in GNU Binutils 2.45. Affected is the function elflinkaddobjectsymbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used...