PT-2025-51206

LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financial SDK. The SDK interfered with the application's network processing, causing server certificate verification to be disabled for a significant portion of netwo...

Adobe DNG Software Development Kit (SDK) Input Validation Error Vulnerability

Adobe DNG Software Development Kit SDK is a software development kit from the American company Audobee Adobe. An input validation error vulnerability exists in Adobe DNG Software Development Kit SDK, which can be exploited by an attacker to execute arbitrary code on a system or cause an applicati...

CVE-2025-66033

CVE-2025-66033 affects Okta Java Management SDK (versions 21.0.0–24.0.0). The issue involves improper thread cleanup in multithreaded use of the ApiClient, which can cause memory issues and, under sustained load, degrade performance and availability and may lead to a denial-of-service. Red Hat/Re...

CVE-2025-64783

DNG SDK versions 1.7.0 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-64894

DNG SDK versions 1.7.0 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this issue to cause the application to crash or become unresponsive. Exploitation of this issue requires user interaction ...

CVE-2025-64893 DNG SDK | Out-of-bounds Read (CWE-125)

DNG SDK versions 1.7.0 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure or application denial of service. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user...

Adobe DNG SDK 缓冲区错误漏洞

Adobe DNG Software Development Kit SDK is a software development kit from the American company Audobee Adobe. The Adobe DNG Software Development Kit SDK contains an out-of-bounds read vulnerability that can be exploited by attackers to obtain sensitive information or cause a denial of service...

PT-2025-50132

Name of the Vulnerable Software and Affected Versions DNG SDK versions 1.7.0 and earlier Description The DNG SDK is affected by a Heap-based Buffer Overflow that may result in memory exposure or application denial of service. An attacker could exploit this issue to disclose sensitive memory...

PT-2025-50131

Name of the Vulnerable Software and Affected Versions DNG SDK versions 1.7.0 and earlier Description The DNG SDK is affected by an Integer Overflow or Wraparound issue. Successful exploitation could lead to arbitrary code execution with the privileges of the current user. User interaction is...

CVE-2025-66414 DNS Rebinding Protection Disabled by Default in Model Context Protocol TypeScript SDK for Servers Running on Localhost

MCP TypeScript SDK is the official TypeScript SDK for Model Context Protocol servers and clients. Prior to 1.24.0, The Model Context Protocol MCP TypeScript SDK does not enable DNS rebinding protection by default for HTTP-based servers. When an HTTP-based MCP server is run on localhost without...

[SECURITY] Fedora 43 Update: dotnet10.0-10.0.100-1.fc43

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

[SECURITY] Fedora 42 Update: dotnet10.0-10.0.100-1.fc42

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

[SECURITY] Fedora 41 Update: dotnet10.0-10.0.100-1.fc41

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

EUVD-2025-198372

Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized attacker to elevate privileges over a network...

CVE-2025-64655 Dynamics OmniChannel SDK Storage Containers Elevation of Privilege Vulnerability

...

Dynamics OmniChannel SDK Storage Containers Elevation of Privilege Vulnerability

Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized attacker to elevate privileges over a network...

CVE-2025-4321

The CVE-2025-4321 entry concerns Silabs RS9116W-WiSeConnect SDK used in Bluetooth devices. Affected component: the RS9116-WiseConnect SDK handling L2CAP; root cause is processing malformed L2CAP packets, leading to a Denial of Service. Impact as stated: device remains non-operational until a hard...

EUVD-2025-131909

Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to contain hardcoded encryption keys in the encryptionhelper.dart file...

EUVD-2025-93390

Adobe Pass versions 3.7.3 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue requires user interaction in that a victim must install...

PT-2025-46518

Name of the Vulnerable Software and Affected Versions Adobe Pass versions 3.7.3 and earlier Description An Incorrect Authorization issue exists in Adobe Pass. An attacker could bypass security measures and gain unauthorized read and write access. Exploitation requires user interaction, specifical...