PT-2025-46382

Name of the Vulnerable Software and Affected Versions IntelR NPU Drivers for Windows versions prior to 32.0.100.4023 Description A flaw exists where sensitive information is not properly cleared in a resource before it is released for reuse. This impacts IntelR NPU Drivers for Windows. The issue...

Intel® NPU Driver Advisory

Summary: Potential security vulnerabilities for some Intel® NPU Drivers may allow denial of service or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2025-26402 Description: Protection mechanism failure fo...

USN-7869-1 raptor2 vulnerabilities

Hanno Böck discovered that Raptor incorrectly handled memory operations when processing certain input files. An attacker could possibly use this issue to cause Raptor to crash, resulting in a denial of service. CVE-2020-25713 Pedro Ribeiro discovered that Raptor incorrectly handled parsing certai...

CVE-2025-64456

In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation...

Medium: java-1.8.0-openjdk

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 a...

[SECURITY] Fedora 43 Update: ruby-3.4.7-28.fc43

Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks as in Perl. It is simple, straight-forward, and extensible...

CLSA-2025-1762544201 libtiff: Fix of CVE-2025-9900

CVE-2025-9900: fix write-what-where vulnerability in processing TIFF image files...

CVE-2025-27918

An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.0.0, AnyDesk for iOS before 7.1.2, and AnyDesk for Android before 8.0.0. It has an integer overflow and resultant heap-based buffer overflow via a UDP packet during processing o...

EUVD-2025-38150

An issue was discovered in AnyDesk before 9.0.0. It has an integer overflow and resultant heap-based buffer overflow via a UDP packet during processing of an Identity user image within the Discovery feature, or when establishing a connection between any two clients...

Prototype Pollution

@messageformat/runtime is vulnerable to Prototype Pollution. The vulnerability is due to insufficient validation of nested message keys during message data processing, which allows an attacker to inject arbitrary properties into the Object prototype and cause denial of service or unexpected...

CVE-2025-27918

An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.0.0, AnyDesk for iOS before 7.1.2, and AnyDesk for Android before 8.0.0. It has an integer overflow and resultant heap-based buffer overflow via a UDP packet during processing o...

AnyDesk 输入验证错误漏洞

AnyDesk is a remote desktop connection software from the German company AnyDesk. A security vulnerability exists in AnyDesk versions prior to 9.0.0 that stems from an integer overflow and heap buffer overflow in UDP packets when processing Identity user images in the Discovery feature or...

CMSimple_XH 安全漏洞

CMSimpleXH is a PHP-based content management system derived from the original CMSimple project and belongs to its offshoot version. CMSimpleXH suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, for...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990496)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990496 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ibumad, which maintains...

EUVD-2025-37893

A vulnerability in the RADIUS setting Reject RADIUS requests from clients with repeated failures on Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to cause Cisco ISE to restart unexpectedly. This vulnerability is due to a logic error when processing a RADIUS...

CVE-2025-54334

An issue was discovered in the NPU driver in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, 2500. There is a NULL Pointer Dereference of hdev in the npuvertexbootup function...

CVE-2025-47353

Memory corruption while processing request sent from GVM...

CVE-2025-47368

Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing...

CVE-2025-47367

Memory corruption while accessing a buffer during IOCTL processing...

CVE-2025-52910

An issue was discovered in the GPU in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1330, 1380, 1480, 2400. A Use-After-Free leads to privilege escalation...