Linux Distros Unpatched Vulnerability : CVE-2022-49737

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In X.Org X server 20.11 through 21.1.16, when a client application uses easystroke for mouse gestures, the main thread modifies various data structures used by...

Measuring Ransomware Lateral Movement Susceptibility Via Privilege-Weighted Adjacency Matrix Exponentiation

Ransomware impact hinges on how easily an intruder can move laterally and spread to the maximum number of assets. We present a graph-theoretic method to measure lateral-movement susceptibility and estimate blast radius. We build a directed multigraph where vertices represent assets and edges...

Linux Distros Unpatched Vulnerability : CVE-2018-14017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The rbinjavaannotationnew function in shlr/java/class.c in radare2 2.7.0 allows remote attackers to cause a denial of service heap-based buffer over-read and...

sha.js is missing type checks leading to hash rewind and passing on crafted data

Summary This is the same as GHSA-cpq7-6gpm-g9rc but just for sha.js, as it has its own implementation. Missing input type checks can allow types other than a well-formed Buffer or string, resulting in invalid values, hanging and rewinding the hash state including turning a tagged hash into an...

ALSA-2025:14178 Important: tomcat9 security update

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...

CVE-2025-31714

In Developer Tools, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed...

CVE-2025-31714

In Developer Tools, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed...

CVE-2025-31714

CVE-2025-31714 concerns a missing input verification vulnerability in the Developer Tools component of UNISOC chipsets. The flaw enables local privilege escalation without requiring additional execution privileges. Connected sources corroborate the issue's nature (missing input validation) and lo...

CVE-2025-31714

In Developer Tools, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed...

UNISOC Chipsets 安全漏洞

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets, which stems from a missing input validation and could lead to local elevation of privilege...

PT-2025-33625 · Unknown · Developer Tools

Name of the Vulnerable Software and Affected Versions: Developer Tools affected versions not specified Description: A missing input verification flaw exists in Developer Tools. This issue could allow for local escalation of privilege without requiring additional execution privileges...

CVE-2025-53714

A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WzdWlanSiteSurveyRpmAP.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service DoS condition. T...

CVE-2025-53713 TP-Link TL-WR841N WlanNetworkRpm_APC.htm buffer overflow

A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpmAPC.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service DoS condition. The...

Online Fire Reporting System completed-requests.php file SQL Injection Vulnerability

Online Fire Reporting System is an online fire reporting system. Online Fire Reporting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter teamid in the file /admin/completed-requests.php. An attacker...

Code-Projects Library System 注入漏洞

Library System is a library system. The Library System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Username in the file /add-teacher.php. An attacker can exploit this vulnerability to execute illega...

The vulnerability of sub_30394 in NETGEAR EX6120 microprogrammable router software allows a hacker to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of sub30394 in NETGEAR EX6120 microprogrammed software routers lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to influence the confidentiality, integrity, and accessibility of the protected...

Curfew e-Pass Management System /admin/edit-category-detail.php File SQL Injection Vulnerability

Curfew e-Pass Management System is an electronic pass management system. Curfew e-Pass Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter editid in the file /admin/edit-category-detail.ph...

Employee Record Management System /editmyexp.php File SQL Injection Vulnerability

Employee Record Management System is an employee record management system. Employee Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter emp3workduration in the file /editmyexp.php. An...

The vulnerability of the Framework component of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Framework component in the Android operating system relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the ssid1MACFilter() function in the Linksys wireless signal amplifiers’ software allows a hacker to execute arbitrary commands.

The vulnerability of the ssid1MACFilter function in the Linksys wireless amplifier software-related microprogramming system is related to the lack of measures to neutralize specific elements. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...