CVE-2025-68968

Double free vulnerability in the multi-mode input module. Impact: Successful exploitation of this vulnerability may affect the input function...

CVE-2025-68969

Multi-thread race condition vulnerability in the thermal management module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-68965

Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2025-68957

Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-68955

Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-68964

Data verification vulnerability in the HiView module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-68962

Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-68966

Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2025-68960

Multi-thread race condition vulnerability in the video framework module. Impact: Successful exploitation of this vulnerability may affect availability...

Import Export Tools NG security vulnerabilities

Import Export Tools NG is an open-source import and export tool developed by thundernest. Version 10.0.4 of Import Export Tools NG contains a security vulnerability. This vulnerability stems from a persistent HTML injection issue in the email export module, which could allow remote attackers to...

PT-2026-3034

Name of the Vulnerable Software and Affected Versions Chikitsa Patient Management System version 2.0.2 Description The software contains an authenticated remote code execution issue. Attackers can upload malicious PHP plugins through the module upload functionality. Authenticated attackers can...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003340)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003340 advisory. Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly...

CVE-2025-70892

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

Bdtask Isshue Shopping Cart security vulnerability

Bdtask Isshue Shopping Cart is an e-commerce shopping cart software system developed by the Bangladeshi company Bdtask. Version 3.5 of Bdtask Isshue Shopping Cart contains a security vulnerability. This vulnerability stems from persistent cross-site scripting in the title input fields of the...

CVE-2025-70298

GPAC v2.4.0 was discovered to contain an out-of-bounds read in the oggdmxparsetags function...

PT-2026-3045

Name of the Vulnerable Software and Affected Versions Isshue Shopping Cart version 3.5 Description The software contains a persistent cross-site scripting issue in title input fields within the stock, customer, and invoice modules. An attacker with elevated privileges can inject malicious scripts...

gnupg2 security update

2.2.20-4 - Fix CVE-2025-68973 gpg.fail/memcpy...

Chikitsa code vulnerabilities

Chikitsa is a patient management system developed by the individuals at Sanskruti Technologies. Version Chikitsa 2.0.2 has code vulnerabilities; these vulnerabilities stem from the module upload function, which may allow authenticated attackers to upload malicious PHP plugins and execute remote...

EUVD-2026-2701

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002047)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002047 advisory. The evmupdateevmxattr function in security/integrity/evm/evmcrypto.c in the Linux kernel before 3.7.5, when the Extended Verification Module EVM is enabled, allows...