Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges over a network...

PT-2025-15543 · Microsoft · Windows Universal Plug/Play (Upnp) Device Host +1

Name of the Vulnerable Software and Affected Versions: Windows Universal Plug and Play UPnP Device Host affected versions not specified Description: The issue concerns sensitive data storage in improperly locked memory, allowing an authorized attacker to elevate privileges over a network. This ca...

Microsoft Windows UPnP 安全漏洞

Microsoft Windows UPnP is a device agent from Microsoft Corporation USA. Providing a proxy allows a Windows network connection to recognize the IP address of the ZoneDirector. A security vulnerability exists in Microsoft Windows UPnP. An attacker could exploit the vulnerability to elevate...

SUSE CVE-2025-21913

In the Linux kernel, the following vulnerability has been resolved: x86/amdnb: Use rdmsrsafe in amdgetmmconfigrange Xen doesn't offer MSRFAM10HMMIOCONFBASE to all guests. This results in the following warning: unchecked MSR access error: RDMSR from 0xc0010058 at rIP: 0xffffffff8101d19f...

The vulnerability of the advertise_res() function in the UPnP service of Netgear’s WNR854T router allows a hacker to execute arbitrary code.

The vulnerability of the advertiseres function of the UPnP service involves an escape from the buffer boundaries in memory when processing the M-SEARCH request header value. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted M-SEARCH...

The vulnerability of the advertise_res() function in the UPnP service of Netgear’s WNR854T router allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the advertiseres function of the UPnP service involves the escape of operations beyond the buffer in memory when processing the M-SEARCH request header value. Exploitation of this vulnerability allows a remote attacker to execute arbitrary code or cause service failures by...

The vulnerability of the parse_st() function in the UPnP service’s microprogramming software for Netgear WNR854T allows a hacker to execute arbitrary code.

The vulnerability of the parsest function in the UPnP service of Netgear’s WNR854T router software lies in the fact that the operation outside the buffer is allowed when processing the M-SEARCH request header value. Exploiting this vulnerability allows a remote attacker to execute arbitrary code ...

CVE-2024-54807

In Netgear WNR854T 1.5.2 North America, the UPNP service is vulnerable to command injection in the function addmapexec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction into a system call without sanitation. An attacker can send a specially crafted SOAPAction request f...

Netgear WNR854T 安全漏洞

The NETGEAR WNR854T is a wireless router from NETGEAR. The NETGEAR WNR854T version 1.5.2 suffers from a buffer overflow vulnerability that originates from the UPNP service failing to properly validate the length of incoming data, which can be exploited by remote attackers to execute arbitrary cod...

Security Bulletin: IBM Navigator Mobile Android app is vulnerable due to improper access control (CVE-2022-38388)

Summary Improper access control in the IBM Navigator Mobile Android app may allow an authenticated user to potentially enable information disclosure via local access CVE-2022-38388. Vulnerability Details CVEID:CVE-2022-38388 DESCRIPTION: IBM Navigator Mobile Android app could allow a local user t...

D-Link DIR-605L和D-Link DIR-618 安全漏洞

The D-Link DIR-605L and D-Link DIR-618 are both a wireless router from China-based AUO D-Link. An Access Control Error vulnerability exists in the D-Link DIR-605L version 3.02 and the D-Link DIR-618 version 2.02, which stems from improper access control in the file /goform/formAdvNetwork, and can...

The vulnerability of the SetUpnpSettings function of the UPnP service in D-link DIR-823G router software allows a hacker to alter the device’s configuration.

The vulnerability of the SetUpnpSettings function of the UPnP service of the D-link DIR-823G router software lies in improper privilege assignment. Exploiting this vulnerability allows a malicious actor to modify the device’s configuration by sending a specially crafted POST request...

Scammers Sneak 300+ Ad Fraud Apps onto Google Play with 60M Downloads

Google Play Store hit by 300+ fake Android apps, downloaded more than 60 million times pushing ad fraud and data theft. Learn how to spot and remove these threats...

New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads

Cybersecurity researchers have warned about a large-scale ad fraud campaign that has leveraged hundreds of malicious apps published on the Google Play Store to serve full-screen ads and conduct phishing attacks. "The apps display out-of-context ads and even try to persuade victims to give away...

CVE-2025-2360

A vulnerability classified as critical was found in D-Link DIR-823G 1.0.2B0520181207. Affected by this vulnerability is the function SetUpnpSettings of the file /HNAP1/ of the component UPnP Service. The manipulation of the argument SOAPAction leads to improper authorization. The attack can be...

xorg: xwayland: Use-after-free in PlayReleasedEvents()

A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free...

WordPress WP Posts Carousel plugin <= 1.3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via auto_play_timeout Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via autoplaytimeout Parameter vulnerability discovered by Krzysztof Zając in WordPress Plugin WP Posts Carousel versions = 1.3.7...

Android Security Bulletin—March 2025Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2025-03-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

Malicious code in com.google.play-games-pc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 89482dfb2083648706902d58c49dbe79b54f0e6ab3614bb3f528f8b1fba92cf9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in...