4329 matches found
CVE-2025-27484
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges over a network...
CVE-2025-27482
Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network...
CVE-2025-27482
CVE-2025-27482 is a remote code execution vulnerability in Windows Remote Desktop Gateway Service caused by sensitive data being stored in memory that is not properly locked. The issue enables code execution over the network and is rated high-severity (CVSS 3.1: 8.1). Microsoft’s Patch Tuesday up...
Windows Graphics Component Elevation of Privilege Vulnerability
Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...
Windows Kernel Elevation of Privilege Vulnerability
Sensitive data storage in improperly locked memory in Windows Kernel allows an authorized attacker to elevate privileges locally...
PT-2025-15524
Name of the Vulnerable Software and Affected Versions Windows versions affected versions not specified Description A flaw exists in the Windows TCP/IP stack related to the improper locking of memory containing sensitive data. This allows a remote, unauthorized attacker to execute arbitrary code...
The vulnerability of the functions intel_iommu_init() (drivers/iommu/intel/iommu.c) and enable_drhd_fault_handling() (drivers/iommu/intel/dmar.c) in the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the functions inteliommuinit drivers/iommu/intel/iommu.c and enabledrhdfaulthandling drivers/iommu/intel/dmar.c in the Linux kernel is related to insufficient locking. Exploiting this vulnerability can allow an attacker to cause a service failure...
Vulnerability of the mptcp_nlremove_subflow_and_signal_addr() function (net/mptcp/pm_netlink.c) in the Linux kernel, allowing a hacker to cause a service failure
The vulnerability of the mptcpnlremovesubflowandsignaladdr function net/mptcp/pmnetlink.c in the Linux kernel is related to insufficient locking mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the npcm_i2c_probe_bus() function (driver/i2c/buses/i2c-npcm7xx.c) in the Linux kernel, allowing a hacker to cause a service failure
The vulnerability of the npcmi2cprobebus function from the drivers/i2c/busses/i2c-npcm7xx.c file in the Linux kernel is related to insufficient locking mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2025-32133
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking: from n/a through =...
CVE-2025-32133 WordPress Secure Copy Content Protection and Content Locking plugin <= 4.5.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking: from n/a through =...
SUSE CVE-2025-21952
In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Update power supply values with a unified work handler corsairvoidprocessreceiver can be called from an interrupt context, locking batterymutex in it was causing a kernel panic. Fix it by moving the critical...
WordPress plugin Secure Copy Content Protection and Content Locking 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...
CVE-2025-30905
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking: from n/a through =...
The vulnerability of the ipsec_fs_roce_tx_mpv_create() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the ipsecfsrocetxmpvcreate function in the Linux operating system is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the pktgen_thread_worker() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the pktgenthreadworker function in the Linux operating system’s kernel is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the htlb_allow_alloc_fallback() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the htlballowallocfallback function in the Linux operating system is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...
SUSE CVE-2025-21933
In the Linux kernel, the following vulnerability has been resolved: arm: pgtable: fix NULL pointer dereference issue When updatemmucacherange is called by updatemmucache, the vmf parameter is NULL, which will cause a NULL pointer dereference issue in adjustpte: Unable to handle kernel NULL pointe...
The vulnerability of the irqfd_wakeup() function in Linux kernel-based Xen drivers allows a hacker to trigger a service failure.
The vulnerability of the irqfdwakeup function in Xen kernel-based Linux operating system drivers is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to trigger a service failure...
CVE-2025-30905
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking: from n/a through =...