PT-2026-38557

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport sip transport tls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via...

EUVD-2025-22374

Malicious code in bioql PyPI...

CVE-2025-7779

Local privilege escalation due to insecure XPC service configuration. The following products are affected: Acronis True Image macOS before build 42389, Acronis True Image for SanDisk macOS before build 42198, Acronis True Image for Western Digital macOS before build 42197, Acronis True Image OEM...

CVE-2025-7724

An unauthenticated OS command injection vulnerability exists in VIGI NVR1104H-4P V1 and VIGI NVR2016H-16MP V2.This issue affects VIGI NVR1104H-4P V1: before 1.1.5 Build 250518; VIGI NVR2016H-16MP V2: before 1.3.1 Build 250407...

CVE-2023-38301

An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto G Power, T-Mobile Revvl 6 Pro 5G, and...

CVE-2023-38299

Various software builds for the AT&T Calypso, Nokia C100, Nokia C200, and BLU View 3 devices leak the device IMEI to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining...

CVE-2023-38299

CVE-2023-38299 affects AT&T Calypso, Nokia C100, Nokia C200 and BLU View 3 devices. The issue is that certain software builds leak the device IMEI to a system property (persist.sys.imei1) accessible by any local app without permissions. A high-privilege process exposes the value, allowing indirec...

CVE-2023-38291

CVE-2023-38291 describes a leakage of the Wi‑Fi MAC address via the system propertyro.boot.wifimacaddr in devices from multiple manufacturers. Connected sources (Red Hat, NVD, CNVD, CVE list, vuln enrichment) confirm a third‑party component issue affecting TCL devices (30Z, 10L) and Motorola devi...

Citrix ADC upgrade operations might cause login failure for local system user accounts

Any of the following Citrix ADC upgrade operations might cause login failure for local system user accounts: from Citrix ADC 13.0-83.x buildor later buildsto Citrix ADC 13.1-4.x build from Citrix ADC 12.1-63.x buildor later buildsto Citrix ADC 13.1-4.x build from Citrix ADC 12.1-63.x buildor late...

CVE-2018-19942

A cross-site scripting XSS vulnerability has been reported to affect earlier versions of File Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 build 20210202 and later QTS...

Juniper Networks Junos OS Kernel Crash With Crafted ICMP Packet Vulnerability

Junos OS is prone to a kernel crash vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"; if description...