PT-2025-44333

Name of the Vulnerable Software and Affected Versions Kea versions 3.0.1 through 3.0.1 Kea versions 3.1.1 through 3.1.2 Description The software can exit unexpectedly when receiving certain option content from a client if three configuration parameters are set to specific values. Specifically, th...

Siemens SIMATIC Devices Stack-based Buffer Overflow (CVE-2023-4911)

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...

Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)

Exploit Title: Casdoor 2.95.0 - Cross-Site Request Forgery CSRF Application: Casdoor Version: v2.95.0 2025-10-22 Date: 2025-10-23 Exploit Author: Van Lam Nguyen Vendor Homepage: https://casdoor.org/ Software Link: https://github.com/casdoor/casdoor/archive/refs/tags/v2.95.0.zip Tested on: Windows...

X.Org Server XkbSetCompatMap Numeric Truncation Error Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

CVE-2025-62260

Liferay Portal 7.4.0 through 7.4.3.99, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number of objects returned from Headless API requests, which allows remote attackers to perform denial-of-servi...

CVE-2025-12424 Privilege Escalation through SUID-bit Binary

Privilege Escalation through SUID-bit Binary.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

CVE-2025-1038

The “Diagnostics Tools” page of the web-based configuration utility does not properly validate user-controlled input, allowing an authenticated user with high privileges to inject commands into the command shell of the TropOS 4th Gen device. The injected commands can be exploited to execute sever...

CVE-2025-1038

CVE-2025-1038 affects Hitachi TropOS 4th Gen: the Diagnostics Tools page of the web-based configuration utility fails to properly validate input, enabling an authenticated high-privilege user to inject shell commands. Exploitation can lead to execution of set-uid applications and full root access...

CVE-2025-1038

The “Diagnostics Tools” page of the web-based configuration utility does not properly validate user-controlled input, allowing an authenticated user with high privileges to inject commands into the command shell of the TropOS 4th Gen device. The injected commands can be exploited to execute sever...

UBUNTU-CVE-2025-40033

In the Linux kernel, the following vulnerability has been resolved: remoteproc: pru: Fix potential NULL pointer dereference in prurprocsetctable prurprocsetctable accessed rproc-priv before the ISERRORNULL check, which could lead to a null pointer dereference. Move the pru assignment, ensuring we...

EUVD-2025-36476

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifssgsetbuf helper that converts vmalloc'd memory to their...

EUVD-2025-36495

In the Linux kernel, the following vulnerability has been resolved: remoteproc: pru: Fix potential NULL pointer dereference in prurprocsetctable prurprocsetctable accessed rproc-priv before the ISERRORNULL check, which could lead to a null pointer dereference. Move the pru assignment, ensuring we...

CVE-2025-40033 remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable()

In the Linux kernel, the following vulnerability has been resolved: remoteproc: pru: Fix potential NULL pointer dereference in prurprocsetctable prurprocsetctable accessed rproc-priv before the ISERRORNULL check, which could lead to a null pointer dereference. Move the pru assignment, ensuring we...

CVE-2025-12258

A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. Impacted is the function setOpModeCfg of the file /cgi-bin/cstecgi.cg of the component POST Parameter Handler. The manipulation of the argument opmode results in stack-based buffer overflow. The attack may be performed from...

CVE-2025-12235

A vulnerability was found in Tenda CH22 1.0.0.1. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in buffer overflow. The attack must originate from the local network. The exploit has been made public and could be...

CVE-2025-12214

A vulnerability was detected in Tenda O3 1.0.0.102478. This issue affects the function SetValue/GetValue of the file /goform/sysAutoReboot. Performing a manipulation of the argument enable results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and...

CVE-2025-12213

A security vulnerability has been detected in Tenda O3 1.0.0.102478. This vulnerability affects the function SetValue/GetValue of the file /goform/setVlanConfig. Such manipulation of the argument lan leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been...

PT-2025-44154

Name of the Vulnerable Software and Affected Versions TropOS 4th Gen affected versions not specified Description The “Diagnostics Tools” page within the web-based configuration utility does not adequately validate user-supplied input. This allows a user with high-level authentication to inject...

UBUNTU-CVE-2025-62231

A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4 安全漏洞

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are vulnerable to an elevation of privilege vulnerability that is caused by...