PT-2025-37483

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's crypto/arm/poly1305 module where register corruption can occur in non-SIMD contexts. This issue arises from the removal of a SIMD usability check,...

PT-2025-37485

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's poly1305 function within the arm64/poly1305 module. The issue involves register corruption in contexts where Single Instruction Multiple Data SIMD i...

Wrangling Entropy: Next-Generation Multi-Factor Key Derivation, Credential Hashing, and Credential Generation Functions

The Multi-Factor Key Derivation Function MFKDF offered a novel solution to the classic problem of usable client-side key management by incorporating multiple popular authentication factors into a key derivation process, but was later shown to be vulnerable to cryptanalysis that degraded its...

CVE-2025-9732

A vulnerability was identified in DCMTK. This issue affects an unknown function in the dcmimage/include/dcmtk/dcmimage/diybrpxt.h library of the dcm2img component. Manipulation leads to memory corruption. Local access is required to approach this attack. Mitigation No mitigation is currently...

CVE-2025-9784

A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...

CVE-2025-26467

A Privilege Defined With Unsafe Actions vulnerability exists in Apache Cassandra. In affected versions, a user with MODIFY permission on all keyspaces can exploit unsafe operations against certain system resources to escalate privileges and gain superuser access within the Cassandra cluster. This...

CVE-2025-57809

A flaw was found in xgrammar. Recursive grammar definitions could trigger infinite recursion during parsing in GrammarMatcherBase::ExpandEquivalentStackElements, leading to unbounded stack growth and a segmentation fault. This vulnerability allows remote attackers to cause a denial of service DoS...

Huawei HarmonyOS and EMUI Buffer Overflow Vulnerability (CNVD-2025-22612)

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. Huawei HarmonyOS and EMUI are vulnerable to a buffer...

Huawei HarmonyOS and EMUI Incomplete Authentication Information Vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. An incomplete authentication information vulnerability...

Huawei HarmonyOS audio codec module out-of-bounds access vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds access vulnerability exists in the Huawei HarmonyOS audio codec module, which can be exploited by an attacker to cause a usability impact...

Unspecified vulnerability in Huawei HarmonyOS and EMUI Partition module

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A security vulnerability exists in Huawei HarmonyOS an...

Huawei HarmonyOS home screen module input validation class vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An input validation type vulnerability exists in the Huawei HarmonyOS home screen module, which can be exploited by an attacker to cause the usability to be...

Huawei HarmonyOS ArkUI Framework Out-of-Bounds Array Access Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds array access vulnerability exists in the Huawei HarmonyOS ArkUI framework, which can be exploited by an attacker to impact usability...

GNU libopts Buffer Overflow Vulnerability

GNU libopts is a C language library for parsing command line options from the US GNU community. A buffer overflow vulnerability exists in GNU libopts version 27.6 and earlier, which stems from a boundary error in the function strstrsse2 when processing untrusted input. An attacker could exploit...

GNU libopts 缓冲区错误漏洞

GNU libopts is a C language library for parsing command line options from the US GNU community. A buffer overflow vulnerability exists in GNU libopts version 27.6 and earlier, which stems from a boundary error in the function strstrsse2 when processing untrusted input. An attacker could exploit...

Huawei EMUI和Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A security vulnerability exists in Huawei HarmonyOS an...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An input validation type vulnerability exists in the Huawei HarmonyOS home screen module, which can be exploited by an attacker to cause the usability to be...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds array access vulnerability exists in the Huawei HarmonyOS ArkUI framework, which can be exploited by an attacker to impact usability...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds access vulnerability exists in the Huawei HarmonyOS audio codec module, which can be exploited by an attacker to cause a usability impact...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a usability impact...