CVE-2025-52918

Yealink RPS before 2025-05-26 does not prevent OpenAPI access by frozen enterprise accounts, allowing unauthorized access to deactivated interfaces...

CVE-2025-52918

Yealink RPS before 2025-05-26 does not prevent OpenAPI access by frozen enterprise accounts, allowing unauthorized access to deactivated interfaces...

CVE-2025-38006

In the Linux kernel, the following vulnerability has been resolved: net: mctp: Don't access ifaindex when missing In mctpdumpaddrinfo, ifaindex can be used to filter interfaces, but only when the struct ifaddrmsg is provided. Otherwise it will be comparing to uninitialised memory - reproducible i...

CVE-2025-52918

Yealink RPS before 2025-05-26 does not prevent OpenAPI access by frozen enterprise accounts, allowing unauthorized access to deactivated interfaces...

CVE-2025-52918

CVE-2025-52918 affects Yealink RPS (Redirect and Provisioning Service). Before 2025-05-26, OpenAPI access is not blocked for frozen enterprise accounts, allowing unauthorized access to deactivated interfaces. CVSS v3.1 base score 5.0 (medium); impact limited to confidentiality. The available docu...

MalGuard: Towards Real-Time, Accurate, and Actionable Detection of Malicious Packages in PyPI Ecosystem

Malicious package detection has become a critical task in ensuring the security and stability of the PyPI. Existing detection approaches have focused on advancing model selection, evolving from traditional machine learning ML models to large language models LLMs. However, as the complexity of the...

Foundation of Affective Computing and Interaction

This book provides a comprehensive exploration of affective computing and human-computer interaction technologies. It begins with the historical development and basic concepts of human-computer interaction, delving into the technical frameworks and practical applications of emotional computing,...

CVE-2025-52918

Yealink RPS before 2025-05-26 does not prevent OpenAPI access by frozen enterprise accounts, allowing unauthorized access to deactivated interfaces...

CVE-2022-50226

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmware return...

CVE-2022-50226

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmware return...

DEBIAN-CVE-2022-49965

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: add missing -finixxxx interfaces for some SMU13 asics Without these, potential memory leak may be induced...

UBUNTU-CVE-2022-49965

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: add missing -finixxxx interfaces for some SMU13 asics Without these, potential memory leak may be induced...

CVE-2022-50226

CVE-2022-50226 affects the Linux kernel crypto: ccp subsystem, where sev ioctl interfaces could allocate memory with kmalloc to handle input up to SEV_FW_BLOB_MAX_SIZE but were not fully overwritten by PSP firmware, risking uninitialized slab memory. The issue is resolved by changing ioctl memory...

CVE-2022-50226

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmware return...

CVE-2022-50226 crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmware return...

CVE-2022-49965

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: add missing -finixxxx interfaces for some SMU13 asics Without these, potential memory leak may be induced...

The vulnerability of the web interface of the risk management platforms IBM OpenPages and IBM OpenPages with Watson allows attackers to compromise the integrity of protected information.

The vulnerability of the web interface of IBM OpenPages and IBM OpenPages with Watson relates to the lack of traceability in the trust chain during certificate verification. Exploitation of this vulnerability could allow a malicious actor, operating remotely, to compromise the integrity of the...

The vulnerability of the web interfaces of IBM OpenPages and IBM OpenPages with Watson allows a hacker to gain access to confidential information.

The vulnerability of the IBM OpenPages and IBM OpenPages with Watson risk management web interfaces is related to improper verification of certificate authenticity. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to confidential information...

The vulnerability in the web interface of the risk management platforms IBM OpenPages and IBM OpenPages with Watson allows a perpetrator to write or re-write any files as desired.

The vulnerability of the IBM OpenPages and IBM OpenPages with Watson web interfaces relates to incorrect restrictions on the path name to the restricted catalog. Exploitation of this vulnerability could allow a malicious actor to write to or re-write any files remotely...

The vulnerability in the web-based interfaces of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager allows a perpetrator to execute arbitrary commands.

The vulnerability of the Web interface for managing Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager systems relates to incorrect elimination of certain elements in the output data. Exploiting this vulnerability could allow a malicious actor to execute...