EUVD-2026-0447

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

EUVD-2026-0487

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

EUVD-2026-0556

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

EUVD-2026-0545

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

EUVD-2026-0593

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

EUVD-2026-0618

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

EUVD-2026-0674

An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following versions: QTS...

EUVD-2026-0697

A weakness has been identified in code-projects Content Management System 1.0. This issue affects some unknown processing of the file /admin/delete.php. Executing manipulation of the argument del can lead to sql injection. The attack can be executed remotely. The exploit has been made available t...

EUVD-2025-205568

A security flaw has been discovered in code-projects Refugee Food Management System 1.0. The impacted element is an unknown function of the file /home/pagenateRefugeesList.php. Performing manipulation of the argument rfid results in sql injection. Remote exploitation of the attack is possible. Th...

EUVD-2025-205300

KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when...

EUVD-2025-205334

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service...

EUVD-2025-205132

In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy target device if coalesced MMIO unregistration fails Destroy and free the target coalesced MMIO device if unregistering said device fails. As clearly noted in the code, kvmiobusunregisterdev does not destroy the targ...

EUVD-2025-205129

In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: Add missing check for allocorderedworkqueue Add check for the return value of allocorderedworkqueue as it may return NULL pointer and cause NULL pointer dereference in hdmihdcp.c and hdmihpd.c. Patchwork:...

EUVD-2025-205127

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix iwlmvmmaxamsdusize for MLO For MLO, we cannot use vif-bssconf.chandef.chan-band, since that will lead to a NULL-ptr dereference as bssconf isn't used. However, in case of real MLO, we also need to take both LMA...

EUVD-2025-205184

In the Linux kernel, the following vulnerability has been resolved: ASoC: da7219: Fix an error handling path in da7219registerdaiclks If clkhwregister fails, the corresponding clk should not be unregistered. To handle errors from loops, clean up partial iterations before doing the goto. So add a...

EUVD-2025-204809

NSF Unidata NetCDF-C Time Unit Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NSF Unidata NetCDF-C. User interaction is required to exploit this vulnerability in that the target mus...

EUVD-2025-204839

A command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to execute arbitrary commands with root-level privileges...

EUVD-2025-204850

NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with unnecessary privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, information disclosure and data tampering...

EUVD-2025-204751

LSC Smart Connect Indoor IP Camera 1.4.13 contains a RCE vulnerability in startapp.sh...

EUVD-2025-204346

An information disclosure vulnerability in Kentico Xperience allows public users to access sensitive administration interface hostname details during authentication. Attackers can retrieve confidential hostname configuration information through a public endpoint, potentially exposing internal...