EUVD-2026-24951

An operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS or SVCB record data, which can in turn cause LMDB database corruption, if using the LMDB backend...

CVE-2026-32318 Cryptomator for IOS: Tampered vault configuration allows MITM attack on Hub API

Cryptomator for IOS offers multi-platform transparent client-side encryption for files in the cloud. Prior to version 2.8.3, an integrity check vulnerability allows an attacker tamper with the vault configuration file leading to a man-in-the-middle vulnerability in Hub key loading mechanism. Befo...

EUVD-2019-13507

Malware in sbrugna...

OESA-2025-2268 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: rapidio: fix an API misues when rioaddnet fails rioaddnet calls deviceregister and fails when deviceregister fails. Thus, putdevice should be used rather than...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from Samsung South Korea. A security vulnerability exists in SAMSUNG Mobile devices SMR Sep-2024 Release 1 version and earlier versions, which stems from the DualDarManagerProxy component containing...

CVE-2024-20884

Incorrect use of privileged API vulnerability in getSemBatteryUsageStats in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged API...

CVE-2023-6150

Incorrect Use of Privileged APIs vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users.This issue affects e-municipality module: before v.105...

No way of transfering Ownership/Wrong use of Interface

Lines of code Vulnerability details Impact From my understanding there is no way to change the owner which can lead to funds can be stuck if an AMM and governance change/upgrade is required. There is risk if the owner keys get compromised - also there is no progressive security if you can't chang...

CVE-2022-26461

In vow, there is a possible undefined behavior due to an API misuse. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032604; Issue ID: ALPS07032604...

CVE-2022-27140

An arbitrary file upload vulnerability in the file upload module of express-fileupload 1.3.1 allows attackers to execute arbitrary code via a crafted PHP file. NOTE: the vendor's position is that the observed behavior can only occur with "intentional misusing of the API": the express-fileupload...

ALPINE-CVE-2020-36325

An issue was discovered in Jansson through 2.13.1. Due to a parsing error in jsonloads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification...

CVE-2017-9614

The fillinputbuffer function in jdatasrc.c in libjpeg-turbo 1.5.1 allows remote attackers to cause a denial of service invalid memory access and application crash or possibly have unspecified other impact via a crafted jpg file. NOTE: Maintainer asserts the issue is due to a bug in downstream cod...