22 matches found
EUVD-2026-25869
ProjeQtor versions 7.0 through 12.4.3 contain a stored cross-site scripting vulnerability in the checkValidHtmlText function within Security.php that fails to properly sanitize user input by only detecting specific patterns while returning unsanitized strings without output encoding. Attackers ca...
CVE-2026-6024
A vulnerability was determined in Tenda i6 1.0.0.72204. Affected by this issue is the function R7WebsSecurityHandlerfunction of the component HTTP Handler. This manipulation causes path traversal. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be...
Secure Network Function Computation for General Target and Security Functions
Secure network function computation is a critical research direction in network coding, which aims to ensure that the target function is correctly computed at the sink node while preventing the wiretapper from obtaining any information about the security function. In this paper, we focus on the...
EUVD-2021-9459
Malicious code in bioql PyPI...
CVE-2022-50201
CVE-2022-50201 affects the Linux kernel SELinux path: memleak in security_read_state_kernel() where the function returns the result of __security_read_policy without freeing allocated memory in *data. This memory leak occurs when __security_read_policy fails. The issue is addressed by freeing the...
CVE-2022-50201
In the Linux kernel, the following vulnerability has been resolved: selinux: fix memleak in security_read_state_kernel In this function, it directly returns the result of __security_read_policy without freeing the allocated memory in *data, cause memory leak issue, so free the memory if __security_read_polic...
CVE-2022-43003
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setRepeaterSecurity function...
CVE-2021-22313
There is a Security Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality...
PT-2025-26127 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A memory leak issue was found in the Linux kernel, specifically in the security_read_state_kernel function. This function directly returns the result of __security_read_policy without...
CVE-2022-43001
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setSecurity function...
Security feature bypass
There is a Security Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality...
Microsoft Windows and Windows Server Denial of Service Vulnerability (CNVD-2021-71951)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation: Microsoft Windows is an operating system for personal devices, and Microsoft Windows Server is a server operating system. A denial-of-service vulnerability exists in Microsoft Windows and Windows Server, which stems from the...
Third Party Testing of Security is a Very Big Deal for Customers
User Reviews + Test Results Peer reviews are an important part of product selection. Everything I buy on Amazon and most other things I buy I check for reviews first. That’s the “do I like it” or the test-drive part of the selection. But the “how well does it work” part is lab testing. I’m not...
Why you have to move beyond “We have a policy for that”
I've never been a big fan of - or have believed in the value of - security policies. Sure, they're necessary for setting expectations and auditors want to see them. They can also serve as a sort of insurance policy to fall back on when an unexpected security "event" occurs. But, at the end of the...
Two privilege-elevation 0-day vulnerabilities found in the Mac OS X operating system - vulnerability warning - the black bar safety net
Two new 0-day vulnerabilities have been found in the Apple Mac OS X operating system; if successfully exploited, an attacker may elevate privileges on the victim's device to gain root access. Vulnerability details: These two vulnerabilities were found by Italian security researcher Luca Todesco, a...
Cross site scripting
The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce cross-site scripting (XSS) or other vulnerabilities into Django applications that use this function, a...
CVE-2009-1299
The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to change the ownership and permissions of arbitrary files via a symlink attack on a /tmp/.esd- temporary file...