Lucene search
K

54847 matches found

Drupal
Drupal
added 2025/12/03 12:0 a.m.9 views

Mini site - Moderately critical - Cross-Site Scripting - SA-CONTRIB-2025-117

This module allows uploading a zip file and extracting its content in the public file directory to serve this content from a Drupal website. These zip files may contain arbitrary HTML or SVG content that could allow cross-site scripting vulnerabilities. While this is an expected feature, the modu...

5.4CVSS5.5AI score0.00148EPSS
Exploits0References2
Drupal
Drupal
added 2025/12/03 12:0 a.m.11 views

Tagify - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-121

This module enables you to use the Tagify library to enhance text input fields with tag-style UI elements. The module does not sufficiently sanitize the infoLabel value under certain configurations, which can result in a cross-site scripting XSS vulnerability. This vulnerability is mitigated by t...

5.4CVSS5.2AI score0.00136EPSS
Exploits0References2
QT
QT
added 2025/12/03 12:0 a.m.15 views

Security advisory: Improper validation of tag size in Text component parser in Qt declarative module impacts Qt

Improper Validation of Specified Quantity in Input vulnerability in Text component parser of the Qt declarative module has been discovered and has been assigned the CVE id CVE-2025-12385 Affected versions: From Qt 5.0.0 to 6.5.10 and from 6.6.0 to 6.8.5 and from 6.9.0 to 6.10.0 Impact: Allocation...

8.7CVSS6.9AI score0.00263EPSS
Exploits0
CNVD
CNVD
added 2025/12/03 12:0 a.m.4 views

Huawei HarmonyOS Privilege Control Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in Huawei HarmonyOS, which stems from improper privilege control of the memory management module and can be exploite...

9.3CVSS7AI score0.00084EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/03 12:0 a.m.3 views

Huawei HarmonyOS/EMUI Privilege Control Vulnerability (CNVD-2026-00138)

Huawei HarmonyOS is Huawei's self-developed distributed operating system, designed for cell phones, tablets, smart homes and other full-scene devices to achieve seamless cross-device collaboration. Huawei EMUI is Huawei's deeply customized mobile operating system based on Android. A privilege...

8.4CVSS6.8AI score0.00084EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/03 12:0 a.m.3 views

Huawei HarmonyOS file management module privilege control vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS file management module, which can be exploited by an attacker to compromise service...

7.5CVSS6.9AI score0.00137EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/03 12:0 a.m.2 views

Huawei HarmonyOS screen recording framework module memory misreference vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A memory misreference vulnerability exists in the Huawei HarmonyOS screen recording framework module, which can be exploited by attackers to affect...

8.4CVSS6.8AI score0.00067EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/03 12:0 a.m.6 views

Huawei HarmonyOS Privilege Control Vulnerability (CNVD-2025-30300)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in Huawei HarmonyOS, which stems from improper privilege control of the printing module and can be exploited by an...

6.2CVSS6.8AI score0.0008EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/03 12:0 a.m.4 views

Huawei HarmonyOS Privilege Control Vulnerability (CNVD-2025-30296)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in Huawei HarmonyOS, which stems from improper privilege control of the boot recovery module, and can be exploited b...

7.1CVSS6.9AI score0.00079EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/03 12:0 a.m.3 views

Huawei HarmonyOS Privilege Control Vulnerability (CNVD-2025-30295)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in Huawei HarmonyOS, which stems from improper privilege control of the Wi-Fi module and can be exploited by an...

5.5CVSS6.8AI score0.00078EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/03 12:0 a.m.2 views

Huawei HarmonyOS App Lock Module Privilege Control Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS App Lock module, which can be exploited by attackers to affect availability...

5.5CVSS6.8AI score0.00069EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/03 12:0 a.m.3 views

Huawei HarmonyOS Security Checks for Improper Standards Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from an Improper Security Check Criteria vulnerability that originates from an improper security check criterion for the call module...

7.3CVSS6.8AI score0.00074EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/03 12:0 a.m.9 views

Huawei HarmonyOS Privilege Control Vulnerability (CNVD-2025-30302)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in Huawei HarmonyOS, which stems from improper privilege control of the Notepad module, and can be exploited by an...

5.5CVSS6.8AI score0.00075EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/02 9:7 p.m.3 views

EUVD-2025-200289

Singluarity ineffectively applies selinux / apparmor LSM process labels...

4.5CVSS6.4AI score0.00137EPSS
Exploits0References7
OSV
OSV
added 2025/12/02 9:7 p.m.3 views

GHSA-WWRX-W7C9-RF87 Singluarity ineffectively applies selinux / apparmor LSM process labels

Impact Native Mode default Singularity's default native runtime allows users to apply restrictions to container processes using the apparmor or selinux Linux Security Modules LSMs, via the --security selinux: or --security apparmor: flags. LSM labels are written to process or thread attrs/exec...

4.5CVSS8.1AI score0.00198EPSS
Exploits0References9
EUVD
EUVD
added 2025/12/02 5:34 p.m.5 views

EUVD-2025-200115

vLLM vulnerable to remote code execution via transformersutils/getconfig...

7.1CVSS7.6AI score0.00598EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/02 5:25 p.m.11 views

CVE-2025-64750 Singluarity ineffectively applies of selinux / apparmor LSM process labels

SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...

4.5CVSS0.00137EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/12/02 5:25 p.m.9 views

CVE-2025-64750 Singluarity ineffectively applies of selinux / apparmor LSM process labels

SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...

4.5CVSS6.3AI score0.00137EPSS
Exploits0References6
CVE
CVE
added 2025/12/02 5:25 p.m.13 views

CVE-2025-64750

CVE-2025-64750 affects SingularityCE before 4.3.5 and SingularityPRO before 4.1.11 and 4.3.5. The issue arises when a user relies on LSM restrictions to prevent malicious operations; under certain conditions an attacker can redirect the LSM label write operation to be ineffective. Exploitation re...

4.5CVSS6.3AI score0.00137EPSS
Exploits0References6
OSV
OSV
added 2025/12/02 3:15 p.m.4 views

CVE-2025-59705

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivation of the USB interface" or F01...

6.8CVSS5.8AI score0.00682EPSS
Exploits9References2
Rows per page
Query Builder