142 matches found

RedhatCVE
added 2025/05/22 3:6 p.m. · 2 views

CVE-2020-9251

HUAWEI Mate 20 smartphones with versions earlier than 10.1.0.160C00E160R2P11 have an improper authorization vulnerability. The software does not properly restrict certain operations in certain scenarios; the attacker should do certain configuration before the user turns on student mode function...

2.4 CVSS · 3.9 AI score · 0.00027 EPSS
Exploits 0 · References 1

RedhatCVE
added 2025/05/22 8:42 a.m. · 9 views

CVE-2019-5308

Mate 20 RS smartphones with versions earlier than 9.1.0.135C786E133R3P1 have an improper authorization vulnerability. The software does not properly restrict certain operations in ADB mode; a successful exploit could allow the attacker to switch to the third desktop after a series of operation...

2.4 CVSS · 6.8 AI score · 0.00061 EPSS
Exploits 0 · References 1

RedhatCVE
added 2025/05/22 8:42 a.m. · 5 views

CVE-2019-5264

There is an information disclosure vulnerability in certain Huawei smartphones: Mate 10; Mate 10 Pro; Honor V10; Changxiang 7S; P-smart; Changxiang 8 Plus; Y9 2018; Honor 9 Lite; Honor 9i; Mate 9. The software does not properly handle certain information of applications locked by applock in a rare conditio...

4.6 CVSS · 6.5 AI score · 0.00064 EPSS
Exploits 0 · References 1

Positive Technologies
added 2025/05/09 12:0 a.m. · 4 views

PT-2025-20543 · Sourcecodester · Online Student Clearance System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student Clearance System version 1.0 Description: A vulnerability was found in the SourceCodester Online Student Clearance System, affecting an unknown functionality of the file /admin/add-student.php. The manipulation o...

5.4 CVSS · 3.2 AI score · 0.00152 EPSS
Exploits 1 · References 11

OSV
added 2025/05/01 12:0 a.m. · 2 views

PUB-A-330507809

There is a possible bypass of carrier restrictions due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4 CVSS · 7.4 AI score · 0.00025 EPSS
Exploits 0 · References 1

Positive Technologies
added 2025/04/28 12:0 a.m. · 1 view

PT-2025-18035 · Unknown · Dazhouda Lecms

Name of the Vulnerable Software and Affected Versions: dazhouda lecms version 3.0.3 Description: A vulnerability has been found in dazhouda lecms, affecting an unknown part of the file "/index.php?my-profile-ajax-1" of the component Personal Information Page. The manipulation leads to cross-site...

5.3 CVSS · 4.4 AI score · 0.00082 EPSS
Exploits 0 · References 9

Cvelist
added 2025/04/18 12:32 a.m. · 19 views

CVE-2025-0467 GPU DDK - rgxfw_hwperf_get_packet_buffer OOB write

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...

0.00258 EPSS
Exploits 0 · References 1

Exploit DB
added 2025/04/16 12:0 a.m. · 165 views

KodExplorer 4.52 - Open Redirect

Exploit Title: KodExplorer 4.52 - Open Redirect Date: 2024-11-08 Exploit Author: Rahad Chowdhury Vendor Homepage: https://kodcloud.com/ Software Link: https://github.com/kalcaddle/KodExplorer/releases/tag/4.52 Version: 4.52 Tested on: Windows 10, PHP 8.2.4, Apache 2.4.56 Steps to Reproduce: 1. At...

7.4 AI score
Exploits 0

CNVD
added 2025/04/14 12:0 a.m. · 9 views

Adobe FrameMaker Out-of-Bounds Write Vulnerability (CNVD-2025-07241)

Adobe FrameMaker is page layout software from the US company Adobe for writing and editing large or complex documents, including structured documents. An out-of-bounds write vulnerability exists in Adobe FrameMaker, which can be exploited by an attacker to execute...

7.8 CVSS · 7.7 AI score · 0.00172 EPSS
Exploits 0 · References 1

Positive Technologies
added 2025/04/14 12:0 a.m. · 3 views

PT-2025-16208 · Unknown · Scriptandtools Ecommerce-Website-In-Php

Name of the Vulnerable Software and Affected Versions: ScriptAndTools eCommerce-website-in-PHP version 3.0 Description: A problematic issue has been identified in the software. The issue involves improper restriction of excessive authentication attempts, potentially allowing remote attacks. The...

8.1 CVSS · 4.1 AI score · 0.00357 EPSS
Exploits 1 · References 11

Positive Technologies
added 2025/04/07 12:0 a.m. · 1 view

PT-2025-15166 · Mediatek +1 · Mt6890 +7

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: In the wlan service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User...

9.8 CVSS · 7.1 AI score · 0.00784 EPSS
Exploits 0 · References 13

Github Security Blog
added 2025/04/01 9:31 p.m. · 8 views

Ouch Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability

A vulnerability was found in ouch-org ouch up to 0.3.1. It has been classified as critical. This affects the function ouch::archive::zip::convertzipdatetime of the file zip.rs. The manipulation of the argument month leads to memory corruption. The attack needs to be approached locally. The exploi...

5.3 CVSS · 7.1 AI score · 0.00195 EPSS
Exploits 0 · References 9 · Affected Software 1

OSV
added 2025/03/30 6:30 p.m. · 7 views

GHSA-3749-GHW9-M3MG PyTorch susceptible to local Denial of Service

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnnmaxpool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be...

4.8 CVSS · 5.3 AI score · 0.00058 EPSS
Exploits 1 · References 8

RedhatCVE
added 2025/03/15 6:10 p.m. · 3 views

CVE-2024-30143

HCL AppScan Traffic Recorder fails to adequately neutralize special characters within the filename, potentially allowing it to resolve to a location beyond the restricted directory. Potential exploits can completely disrupt or take over the application or the computer where the application is...

4.3 CVSS · 6.8 AI score · 0.00164 EPSS
Exploits 0 · References 4

RedhatCVE
added 2025/03/14 7:0 p.m. · 10 views

CVE-2025-2215

A vulnerability classified as critical was found in Doufox up to 0.2.0. Affected by this vulnerability is an unknown functionality of the file /?s=doudou=file=list. The manipulation of the argument dir leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to...

5.8 CVSS · 6.7 AI score · 0.00127 EPSS
Exploits 0 · References 1

RedhatCVE
added 2025/03/08 8:42 p.m. · 6 views

CVE-2025-2040

A vulnerability classified as critical was found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected by this vulnerability is an unknown functionality of the file /admin-api/bpm/model/deploy. The manipulation leads to improper neutralization of special elements used in a template engine. The attack ca...

6.5 CVSS · 6.9 AI score · 0.00083 EPSS
Exploits 1 · References 1

RedhatCVE
added 2025/03/06 1:42 a.m. · 16 views

CVE-2025-1895

A vulnerability classified as critical has been found in Tenda TX3 16.03.13.11multi. This affects an unknown part of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclos...

7.5 CVSS · 7.3 AI score · 0.00069 EPSS
Exploits 1 · References 1

Tenable Nessus
added 2025/03/05 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-25443

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the HuginBase::ImageVariable::linkWith function of Hugin v2022.0.0 allows attackers to cause a heap-use-after-free via parsing a crafted image...

7.8 CVSS · 7.1 AI score · 0.00161 EPSS
Exploits 1 · References 3

Tenable Nessus
added 2025/03/05 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2022-27811

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNOME OCRFeeder before 0.8.4 allows OS command injection via shell metacharacters in a PDF or image filename. CVE-2022-27811 Note that Nessus relies on the...

9.8 CVSS · 7.3 AI score · 0.03069 EPSS
Exploits 1 · References 3

OSV
added 2025/03/04 8:15 p.m. · 7 views

CVE-2025-1080

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link in a browser using that scheme could be constructed with...

7.8 CVSS · 7 AI score · 0.00119 EPSS
Exploits 0 · References 2