18887 matches found
PT-2025-41513
Name of the Vulnerable Software and Affected Versions libpadm.so versions prior to SMR Oct-2025 Release 1 Description An out-of-bounds write issue exists during the pre-processing of JPEG decoding. This can lead to memory corruption for local attackers. The issue is present in libpadm.so prior to...
PT-2025-41512
Name of the Vulnerable Software and Affected Versions libpadm.so versions prior to SMR Oct-2025 Release 1 Description An out-of-bounds write issue exists in the JPEG decoding pre-processing within libpadm.so. This allows a local attacker to write to memory outside of allocated boundaries. The iss...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF when processing user-supplied URLs. An attacker can cause the server to send unauthorized requests to arbitrary internal or external services by submitting crafted URLs. Workaround This vulnerability can...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF when processing user-supplied URLs. An attacker can cause the server to send unauthorized requests to arbitrary internal or external services by submitting crafted URLs. Workaround This vulnerability can...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF when processing user-supplied URLs. An attacker can cause the server to send unauthorized requests to arbitrary internal or external services by submitting crafted URLs. Workaround This vulnerability can...
CVE-2025-59146 New API has Authenticated Server-Side Request Forgery (SSRF) issue
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. An authenticated Server-Side Request Forgery SSRF vulnerability exists in versions prior to 0.9.0.5. A feature within the application allows authenticated users to submit a URL for the server to...
CVE-2025-59146 New API has Authenticated Server-Side Request Forgery (SSRF) issue
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. An authenticated Server-Side Request Forgery SSRF vulnerability exists in versions prior to 0.9.0.5. A feature within the application allows authenticated users to submit a URL for the server to...
EUVD-2025-33397
A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX4700 devices allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When forwarding-options sampling is enabled, receipt of any traffic destined to the...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses xmldom-0.8.10.tgz which is vulnerable to this CVE-2021-32796
Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses xmldom-0.8.10.tgz which is vulnerable to this CVE-2021-32796 Vulnerability Details CVEID:CVE-2021-32796 DESCRIPTION: xmldom is an open source pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParse...
CVE-2025-47349
Memory corruption while processing an escape call...
CVE-2025-47351
Memory corruption while processing user buffers...
EUVD-2025-33247
Memory corruption while processing a malformed license file during reboot...
EUVD-2025-33241
Information disclosure while processing batch command execution in Video driver...
CVE-2025-27045 Buffer Over-read in Video
Information disclosure while processing batch command execution in Video driver...
CVE-2025-27041 Buffer Over-read in Video
Transient DOS while processing video packets received from video firmware...
CVE-2025-27041 Buffer Over-read in Video
Transient DOS while processing video packets received from video firmware...
EUVD-2025-33250
Transient DOS while processing video packets received from video firmware...
EUVD-2025-33243
Information disclosure may occur while processing the hypervisor log...
CVE-2025-27040
CVE-2025-27040 affects Qualcomm TZ Firmware in chipsets; root cause is improper input validation when processing hypervisor logs, leading to information disclosure (confidentiality impact). Reported across Red Hat/NVD/CVE listings with no confirmed exploit details. Some sources note no public fix...
PT-2025-41454
Name of the Vulnerable Software and Affected Versions New API versions prior to 0.9.0.5 Description New API is a large language model LLM gateway and artificial intelligence AI asset management system. An authenticated Server-Side Request Forgery SSRF issue exists because the application does not...