2856 matches found
CVE-2025-20135
A vulnerability in the DHCP client functionality of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, adjacent attacker to exhaust available memory. This vulnerability is due to improper validation ...
CVE-2025-20219 Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Access Control Bypass Vulnerability
A vulnerability in the implementation of access control rules for loopback interfaces in Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to send traffic that should have been block...
CVE-2025-20135 Cisco Adaptive Security Appliance and Firepower Threat Defense Software DHCP Denial of Service Vulnerability
A vulnerability in the DHCP client functionality of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, adjacent attacker to exhaust available memory. This vulnerability is due to improper validation ...
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software DHCP Denial of Service Vulnerability
A vulnerability in the DHCP client functionality of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, adjacent attacker to exhaust available memory. This vulnerability is due to improper validation ...
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense Access Control Error Vulnerability
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense are both products of Cisco, Inc. Cisco Secure Firewall Adaptive Security Appliance is an enterprise-class firewall software. Cisco Secure Firewall Threat Defense is an integrate...
PT-2025-33319 · Cisco · Cisco Secure Firewall Threat Defense (Ftd) +1
Name of the Vulnerable Software and Affected Versions: Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software affected versions not specified Description: A vulnerability exists in the implementation of access control rules for loopbac...
PT-2025-33040 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.6 through 18.0.6 GitLab CE/EE versions 18.1 through 18.1.4 GitLab CE/EE versions 18.2 through 18.2.2 Description: An issue exists in GitLab CE/EE that, under certain conditions, could allow authenticated users to bypa...
Navigating the API Security Landscape: Your Definitive API Security Buyer’s Guide for 2025
APIs power today’s digital economy—connecting customers, partners, and internal services at breakneck speed. But with that agility comes risk: in 2024 alone, API vulnerabilities cost organizations a staggering $2.5 billion in remediation, fines, and lost revenue. As APIs proliferate, traditional...
DEBIAN-CVE-2025-38500
In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md xfrm interface collect_md property on xfrm interfaces can only be set on device creation, thus xfrmi_changelink should fail when called on such interfaces. The check to...
PT-2025-36001
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's SMB3 implementation related to handling server interfaces during mounting to ksmbd. Specifically, a missing check in the parse server interfaces...
Linux Distros Unpatched Vulnerability : CVE-2020-26963
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Repeated calls to the history and location interfaces could have been used to hang the browser. This was addressed by introducing rate-limiting to these API...
CVE-2025-54997
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, some OpenBao deployments intentionally limit privileged API operators from executing system code or making network connections...
Linux Distros Unpatched Vulnerability : CVE-2022-50226
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal t...
CVE-2025-7771
ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the MmMapIoSpace function. This insecure implementation can be exploited by a malicious user-mode application to patch the running Windows kernel and invoke...
Arbitrary Command Injection
Overview Affected versions of this package are vulnerable to Arbitrary Command Injection due to incomplete certificate verification during HTTPS communication between Core and Agent endpoints. An attacker can execute arbitrary commands with high privileges by bypassing authentication and accessin...
CLSA-2025-1753800763 iptraf-ng: Fix of CVE-2024-52949
CVE-2024-52949: fix stack-based buffer overflow in src/ifaces.c by controlling the size in the strcpy function...
IROAD Dashcam FX2 Security Vulnerability
IROAD Dashcam FX2 is a car recorder from IROAD Korea. A security vulnerability exists in IROAD Dashcam FX2, which stems from a lack of authentication controls on the HTTP and RTSP interfaces, which could lead to an attacker gaining access to sensitive files and video recordings...
CVE-2025-30135
CVE-2025-30135 concerns the IROAD Dashcam FX2, which reportedly exposes unauthenticated HTTP and RTSP interfaces. The description states lack of authentication allows an attacker to download all stored video recordings by connecting to http://192.168.10.1/mnt/extsd/event/ and to view live footage...