2729 matches found

OSV
added 2025/09/01 12:0 a.m. · 4 views

PUB-A-413471185

In ReadTachyonCommands of gxpmainactor.cc, there is a possible information leak due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5 CVSS · 5.6 AI score · 0.00009 EPSS
Exploits: 0 · References: 1
NVD
added 2025/08/31 12:15 p.m. · 3 views

CVE-2025-9727

A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function soapcgi_main of the file /soap.cgi. This manipulation of the argument service causes os command injection. Remote exploitation of the attack is possible. The exploit has been made available to the publ...

9.8 CVSS · 0.00392 EPSS
Exploits: 1 · References: 5
Cvelist
added 2025/08/31 11:32 a.m. · 7 views

CVE-2025-9727 D-Link DIR-816L soap.cgi soapcgi_main os command injection

A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function soapcgi_main of the file /soap.cgi. This manipulation of the argument service causes os command injection. Remote exploitation of the attack is possible. The exploit has been made available to the publ...

6.5 CVSS · 0.00392 EPSS
Exploits: 1 · References: 5
RedhatCVE
added 2025/08/30 6:21 p.m. · 3 views

CVE-2025-29524

Incorrect access control in the component /cgi-bin/systemdiagnosticmain.asp of DASAN GPON ONU H660WM H660WMR210825 allows attackers to access sensitive information...

6.5 CVSS · 6.8 AI score · 0.00055 EPSS
Exploits: 0 · References: 1
OSV
added 2025/08/29 3:53 p.m. · 2 views

CVE-2025-55750 Gitpod Classic Affected by Bitbucket OAuth Token Exposure via Redirect Fragment

Gitpod is a developer platform for cloud development environments. In versions before main-gha.33628 for both Gitpod Classic and Gitpod Classic Enterprise, OAuth integration with Bitbucket in certain conditions allowed a crafted link to expose a valid Bitbucket access token via the URL fragment...

6.5 CVSS · 6.5 AI score · 0.00097 EPSS
Exploits: 0 · References: 5
Positive Technologies
added 2025/08/29 12:0 a.m. · 5 views

PT-2025-35245

Name of the Vulnerable Software and Affected Versions: Gitpod versions prior to main-gha.33628 Description: Gitpod, a developer platform for cloud development environments, experienced an issue where OAuth integration with Bitbucket, under specific conditions, could expose a valid Bitbucket acces...

6.5 CVSS · 6.2 AI score · 0.00097 EPSS
Exploits: 0 · References: 7
OSSF Malicious Packages
added 2025/08/28 7:33 a.m. · 2 views

Malicious code in main-util-validation (npm)

--- -= Per source details. Do not edit below this line.=-...

7 AI score
Exploits: 0
OSV
added 2025/08/28 7:33 a.m. · 1 views

MAL-2025-41583 Malicious code in main-util-validation (npm)

--- -= Per source details. Do not edit below this line.=-...

7 AI score
Exploits: 0
CNVD
added 2025/08/28 12:0 a.m. · 2 views

Google Android elevation of privilege vulnerability (CNVD-2025-19984)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a logic error in the main.cpp main code. The vulnerability can be exploited by an attacker to gain elevated privileges on the system...

8.8 CVSS · 7.4 AI score · 0.00024 EPSS
Exploits: 0 · References: 1
CNVD
added 2025/08/28 12:0 a.m. · 1 views

Unspecified Vulnerability in Google Android (CNVD-2025-19996)

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which originates from a logic error in multiple functions in hyp-main.c. An attacker could exploit this vulnerability to cause a local information leak...

4 CVSS · 6.3 AI score · 0.00076 EPSS
Exploits: 0 · References: 1
Positive Technologies
added 2025/08/27 12:0 a.m. · 3 views

PT-2025-34929 · O2Oa · O2Oa

Name of the Vulnerable Software and Affected Versions: O2OA version 9.0.3 Description: O2OA version 9.0.3 contains a remote code execution (RCE) issue via the mainOutput function. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerabilit...

8.8 CVSS · 7.3 AI score · 0.00534 EPSS
Exploits: 1 · References: 5
Cvelist
added 2025/08/27 12:0 a.m. · 5 views

CVE-2024-37777

O2OA v9.0.3 was discovered to contain a remote code execution (RCE) vulnerability via the mainOutput function...

0.00534 EPSS
Exploits: 1 · References: 1
NVD
added 2025/08/26 11:15 p.m. · 4 views

CVE-2025-22413

In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

4 CVSS · 0.00076 EPSS
Exploits: 0 · References: 3
OSV
added 2025/08/26 11:15 p.m. · 6 views

CVE-2025-0078

In main of main.cpp, there is a possible way to bypass SELinux due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8 CVSS · 5.9 AI score · 0.00024 EPSS
Exploits: 0 · References: 2
NVD
added 2025/08/26 11:15 p.m. · 4 views

CVE-2025-0078

In main of main.cpp, there is a possible way to bypass SELinux due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8 CVSS · 0.00024 EPSS
Exploits: 0 · References: 2
Cvelist
added 2025/08/26 10:48 p.m. · 3 views

CVE-2025-22413

In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00076 EPSS
Exploits: 0 · References: 3
Vulnrichment
added 2025/08/26 10:48 p.m. · 2 views

CVE-2025-0078

In main of main.cpp, there is a possible way to bypass SELinux due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.4 AI score · 0.00024 EPSS
Exploits: 0 · References: 2
Cvelist
added 2025/08/26 10:48 p.m. · 3 views

CVE-2025-0078

In main of main.cpp, there is a possible way to bypass SELinux due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00024 EPSS
Exploits: 0 · References: 2
Tenable Nessus
added 2025/08/26 12:0 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2023-3401

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 befo...

6.5 CVSS · 6.3 AI score · 0.00246 EPSS
Exploits: 0 · References: 2
NVD
added 2025/08/25 3:15 p.m. · 1 views

CVE-2025-29524

Incorrect access control in the component /cgi-bin/systemdiagnosticmain.asp of DASAN GPON ONU H660WM H660WMR210825 allows attackers to access sensitive information...

6.5 CVSS · 0.00055 EPSS
Exploits: 0 · References: 1