1839 matches found
CVE-2025-68919
CVE-2025-68919 affects Fujitsu Fsas Technologies ETERNUS SF ACM/SC/Express (DX/AF Management Software). The issue arises because maintenance data collected by the system can be accessed by a non-admin principal, potentially exposing data and impacting confidentiality (C), with limited integrity/a...
ROS-20251217-7317
A vulnerability in the V8 JavaScript script handler of Google Chrome browser is related to data type mixing errors. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity and availability of protected information using a specially crafted HTML pag...
CVE-2025-58770
APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient Permissions or Privileges” by local access. Successful exploitation of this vulnerability can lead to escalation of authorization and potentially impact Integrity and Availability...
CVE-2025-42875
The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the...
CVE-2025-42928
Under certain conditions, a high privileged user could exploit a deserialization vulnerability in SAP jConnect to launch remote code execution. The system may be vulnerable when specially crafted input is used to exploit the vulnerability resulting in high impact on confidentiality, integrity and...
EUVD-2025-201852
The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the...
CVE-2025-42875
The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the...
CVE-2025-40938
A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected device stores sensitive information in the firmware. This could allow an attacker to access and misuse this information, potentially impacting the device’s confidentiality, integrity, and availability...
CVE-2025-2296
EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...
AZL-72545 CVE-2025-2296 affecting package edk2 for versions less than 20240524git3e722403cd16-11
EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...
CVE-2025-40938
SIMATIC CN 4100 (all versions below V4.0.1) contains a vulnerability where sensitive data is stored in the firmware, potentially exposing confidentiality, integrity, and availability. Connected advisories confirm a fix in newer firmware versions (V4.0.1 and later); apply the vendor-released updat...
PT-2025-49843
A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected device stores sensitive information in the firmware. This could allow an attacker to access and misuse this information, potentially impacting the device’s confidentiality, integrity, and availability...
Linux Distros Unpatched Vulnerability : CVE-2025-2296
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDK2 contains a vulnerability in BIOS where an attacker may cause Improper Input Validation by local access. Successful exploitation of this vulnerability could...
D-Link Routers Buffer Overflow Vulnerability
D-Link Routers contains a buffer overflow vulnerability that has a high impact on confidentiality, integrity, and availability. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...
Blog Site admin.php file improper authorization vulnerability
Blog Site is a blogging system. Blog Site suffers from an improper authorization vulnerability that originates in the file /admin.php, which can be exploited by an attacker to compromise confidentiality, integrity, and availability...
ROS-20251125-13
A vulnerability in the maskedPaths feature of the isolated container runc tool is related to the runc state that allows link tracking. Exploitation of the vulnerability could allow an attacker to Affect the confidentiality, integrity and availability of protected information...
CVE-2025-52539
A buffer overflow with Xilinx Run Time Environment may allow a local attacker to read or corrupt data from the advanced extensible interface AXI, potentially resulting in loss of confidentiality, integrity, and/or availability...
CVE-2025-65001
Fujitsu fbiosdrv.sys before 2.5.0.0 allows an attacker to potentially affect system confidentiality, integrity, and availability...
HP Integrated Lights-Out Improper Input Validation (CVE-2022-28627)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability...
CVE-2025-65001
Fujitsu fbiosdrv.sys before 2.5.0.0 allows an attacker to potentially affect system confidentiality, integrity, and availability...