CVE-2025-5494 Privilege Escalation

ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup. This issue affects Endpoint Central: through 11.4.2500.25, through 11.4.2508.13...

CVE-2025-5494 Privilege Escalation

ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup. This issue affects Endpoint Central: through 11.4.2500.25, through 11.4.2508.13...

CVE-2025-5494

ZohoCorp ManageEngine Endpoint Central is affected by an improper privilege management flaw in the agent setup. The issue impacts Endpoint Central versions up to 11.4.2500.25 and up to 11.4.2508.13. Root cause: improper privilege handling during the agent installation process, enabling local priv...

PT-2025-39370

Name of the Vulnerable Software and Affected Versions ZohoCorp ManageEngine Endpoint Central versions through 11.4.2500.25 ZohoCorp ManageEngine Endpoint Central versions through 11.4.2508.13 Description An improper privilege management issue exists in the agent setup of ZohoCorp ManageEngine...

Cisco IOS XE Software for Catalyst 9800 Series Wireless Controller for Cloud Unauthenticated Access to Certificate Enrollment Service (cisco-sa-9800cl-openscep-SB4xtxzP)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the Day One setup process of Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud 9800-CL could allow an unauthenticated, remote attacker to access the...

Linux Distros Unpatched Vulnerability : CVE-2023-53396

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in dorename If renaming a file in an encrypted directory, function...

CVE-2025-20293

A vulnerability in the Day One setup process of Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud 9800-CL could allow an unauthenticated, remote attacker to access the public-key infrastructure PKI server that is running on an affected device. This vulnerability is due...

CVE-2025-20293

CVE-2025-20293 affects Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud (9800-CL). The root cause is incomplete cleanup at the end of the Day One setup, allowing an unauthenticated, remote attacker to reach the PKI server via SCEP requests. A successful exploit could ...

CVE-2025-20293

A vulnerability in the Day One setup process of Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud 9800-CL could allow an unauthenticated, remote attacker to access the public-key infrastructure PKI server that is running on an affected device. This vulnerability is due...

CVE-2025-47329

Memory corruption while handling invalid inputs in application info setup...

CVE-2025-47329 Release of Invalid Pointer or Reference in Android Core

Memory corruption while handling invalid inputs in application info setup...

CVE-2025-47329

CVE-2025-47329 describes memory corruption while handling invalid inputs in Android Core during application info setup. According to connected sources, the CVE’s impact is rated HIGH (confidentiality, integrity, and availability), with LOCAL attack vector, LOW privileges required, and NONE user i...

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is a network operating system from Cisco USA. A security vulnerability exists in Cisco IOS XE Software that stems from an incomplete cleanup of the Day One setup process, which could allow an unauthenticated remote attacker to access the PKI server...

Linux Kernel ksmbd smb2_sess_setup Preauth_HashValue Race Condition Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the PreauthHashValue field. The issue results from the lack of proper locking...

PT-2025-39285

Name of the Vulnerable Software and Affected Versions Versions prior to 2025-47329 Description A memory corruption issue exists when processing invalid inputs during application info setup. This can potentially lead to unexpected behavior or system compromise. Recommendations At the moment, there...

PT-2025-39298

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud 9800-CL affected versions not specified Description A flaw exists in the Day One setup process that may allow a remote, unauthenticated attacker to access the...

CVE-2025-39870

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix double free in idxdsetupwqs The clean up in idxdsetupwqs has had a couple bugs because the error handling is a bit subtle. It's simpler to just re-write it in a cleaner way. The issues here are: 1 If...

CVE-2025-39870

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix double free in idxdsetupwqs The clean up in idxdsetupwqs has had a couple bugs because the error handling is a bit subtle. It's simpler to just re-write it in a cleaner way. The issues here are: 1 If...

CVE-2025-39870 dmaengine: idxd: Fix double free in idxd_setup_wqs()

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix double free in idxdsetupwqs The clean up in idxdsetupwqs has had a couple bugs because the error handling is a bit subtle. It's simpler to just re-write it in a cleaner way. The issues here are: 1 If...

CVE-2025-39870 dmaengine: idxd: Fix double free in idxd_setup_wqs()

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix double free in idxdsetupwqs The clean up in idxdsetupwqs has had a couple bugs because the error handling is a bit subtle. It's simpler to just re-write it in a cleaner way. The issues here are: 1 If...