2563 matches found
EUVD-2025-205313
FaceSentry Access Control System 6.4.8 contains a critical authentication vulnerability with hard-coded SSH credentials for the wwwuser account. Attackers can leverage the insecure sudoers configuration to escalate privileges and gain root access by executing sudo commands without authentication...
EUVD-2025-205318
AVE DOMINAplus 1.10.x contains cross-site request forgery and cross-site scripting vulnerabilities that allow attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to exploit login.php parameters and execute arbitrary scripts in user browser...
EUVD-2025-205123
In the Linux kernel, the following vulnerability has been resolved: sched/psi: use kernfs polling functions for PSI trigger polling Destroying psi trigger in cgroupfilerelease causes UAF issues when a cgroup is removed from under a polling process. This is happening because cgroup removal causes ...
EUVD-2025-205174
In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session-scaplock' is released in cephiteratesessioncaps the cap maybe removed by another thread, and when using the stale cap...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a buffer space miscalculation that could lead to a buffer overflow...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of boundary checking, which could lead to out-of-bounds access...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of address family checking in the isotpbind function, which could lead to binding errors...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in uninitialized memory and could result in uninitialized data being loaded into records...
EUVD-2025-204804
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: check actuallength before accessing data The URB received in gsusbreceivebulkcallback contains a struct gshostframe. The length of the data after the header depends on the gshostframe hf::fla...
Wordfence Intelligence Weekly WordPress Vulnerability Report (December 8, 2025 to December 14, 2025)
Last week, there were 246 vulnerabilities disclosed in 226 WordPress Plugins and 9 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 81 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities...
EUVD-2025-204357
A security flaw has been discovered in Campcodes Advanced Voting Management System 1.0. The impacted element is an unknown function of the file /admin/votersedit.php of the component Password Handler. Performing manipulation of the argument ID results in improper authorization. The attack is...
EUVD-2025-204370
A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that includes a CreateFAR with an empty or truncated IPv4 address field is not properly validated. During...
Google Pixel elevation of privilege vulnerability (CNVD-2026-0269521)
Google Pixel is a smartphone from the American company Google Google. Google Pixel has a security vulnerability that can be exploited by an attacker to cause local elevation of privilege...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from sysfs changing group attribute ownership without checking visibility, which could result in a warning message...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of an improper warning level, which can lead to misleading error messages...
EUVD-2025-203439
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 Deploy transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...
WordPress Advanced FAQ Manager plugin cross-site scripting vulnerability (CNVD-2025-3073485)
The WordPress Advanced FAQ Manager plugin is a plugin designed for WordPress websites to help users easily create, manage and display Frequently Asked Questions FAQ pages. The WordPress Advanced FAQ Manager plugin suffers from a cross-site scripting vulnerability that stems from the application's...
EUVD-2025-202887
A vulnerability was identified in UTT 进取 512W up to 3.1.7.7-171114. Affected is the function strcpy of the file /goform/formConfigFastDirectionW. The manipulation of the argument ssid leads to buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be...
Huawei HarmonyOS Competitive Conditions Vulnerability
Huawei HarmonyOS is a distributed operating system developed independently by Huawei Technologies Co. Huawei HarmonyOS suffers from a competitive condition vulnerability, which originates from a competitive condition vulnerability in the audio module, and can be exploited by an attacker to affect...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from erroneous data leading to an infinite loop...