CVE-2025-31700

A vulnerability has been found in Dahua products. Attackers could exploit a buffer overflow vulnerability by sending specially crafted malicious packets, potentially causing service disruption e.g., crashes or remote code execution RCE. Some devices may have deployed protection mechanisms such as...

CVE-2025-31701

A vulnerability has been found in Dahua products. Attackers could exploit a buffer overflow vulnerability by sending specially crafted malicious packets, potentially causing service disruption e.g., crashes or remote code execution RCE. Some devices may have deployed protection mechanisms such as...

CVE-2025-31701

CVE-2025-31701 affects Dahua security cameras. It is described as a buffer overflow in the RPC file upload handler that can be triggered by specially crafted packets, potentially causing DoS or remote code execution. Some devices reportedly deploy ASLR, which may reduce exploitability, but DoS re...

PT-2025-30545

Name of the Vulnerable Software and Affected Versions Dahua products affected versions not specified Description A buffer overflow vulnerability exists in Dahua products. Attackers can exploit this issue by sending specially crafted malicious packets, potentially leading to service disruption, su...

CVE-2025-21168

Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

CVE-2024-13451

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.17.4 via file uploads due to insufficient directory listing...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : libxslt vulnerability (USN-7600-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7600-1 advisory. It was discovered that libxslt could be made to expose sensitive information about address space layout. An attack...

Ubuntu: Security Advisory (USN-7600-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7600-1 libxslt vulnerability

It was discovered that libxslt could be made to expose sensitive information about address space layout. An attacker could possibly use this issue to bypass Address Space Layout Randomization ASLR protections...

SICK Field Analytics和SICK Media Server 安全特征问题漏洞

SICK Field Analytics and SICK Media Server are both products of the German company SICK.SICK Field Analytics is software for evaluating manufacturing data.SICK Media Server is a media server. A security vulnerability exists in SICK Field Analytics and SICK Media Server that stems from insufficien...

CVE-2025-43578

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires...

CVE-2025-47112

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires...

CVE-2025-47104

InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...

CVE-2024-56830

The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand if no strong randomization module is present...

CVE-2023-22601

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-330: Use of Insufficiently Random Values. They do not properly randomize MQTT ClientID parameters. An unauthorized user could calculate this...

CVE-2023-37361

REDCap 12.0.26 LTS and 12.3.2 Standard allows SQL Injection via scheduling, repeatforms, purpose, apptitle, or randomization...

CVE-2023-21492

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR...

CVE-2022-34295

totd before 1.5.3 does not properly randomize mesg IDs...

CVE-2022-25477

Vulnerability in Realtek RtsPer driver for PCIe Card Reader RtsPer.sys before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader RtsUer.sys before 10.0.22000.31274 leaks driver logs that contain addresses of kernel mode objects, weakening KASLR...

CVE-2021-1087

NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager vGPU plugin, which could allow an attacker to retrieve information that could lead to a Address Space Layout Randomization ASLR bypass. This affects vGPU version 12.x prior to 12.2, version 11.x prior to 11.4 and version 8.x...