1697 matches found

CVE
added 2025/05/28 11:31 a.m. · 52 views

CVE-2025-5297

CVE-2025-5297 affects SourceCodester Computer Store System 1.0; the Add function in main.c is vulnerable due to a stack-based buffer overflow when processing the argument laptopcompany/RAM/Processor. The issue requires local access to exploit. Multiple sources confirm the detail and indicate a la...

CVSS 6.6 · AI score 5.5 · EPSS 0.00248
Exploits: 1 · References: 5 · Affected software: 1
Positive Technologies
added 2025/05/24 12:0 a.m. · 3 views

PT-2025-22840 · Sony · Sony Snc-Ds10 +6

Name of the Vulnerable Software and Affected Versions: Sony SNC-M1, SNC-M3, SNC-RZ25N, SNC-RZ30N, SNC-DS10, SNC-CS3N and SNC-RX570N versions up to 1.30

Description: A critical vulnerability has been found in the Administrative Interface of the affected Sony cameras, allowing for the use of defaul...

CVSS 9.2 · AI score 7.9 · EPSS 0.00876
Exploits: 0 · References: 12
Positive Technologies
added 2025/05/24 12:0 a.m. · 3 views

PT-2025-22847 · Unknown · Tmall Demo

Name of the Vulnerable Software and Affected Versions: Tmall Demo up to 20250505

Description: A vulnerability was found in the processing of the file tmall/admin/account/logout, which leads to cross-site request forgery. The attack may be initiated remotely. The issue affects some unknown...

CVSS 8.8 · AI score 4.4 · EPSS 0.00263
Exploits: 1 · References: 10
RedhatCVE
added 2025/05/23 10:20 a.m. · 10 views

CVE-2024-20358

A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level...

CVSS 6.7 · AI score 7.4 · EPSS 0.00705
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/23 7:49 a.m. · 12 views

CVE-2024-20273

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient...

CVSS 6.1 · AI score 6.1 · EPSS 0.00415
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/23 7:48 a.m. · 5 views

CVE-2024-20361

A vulnerability in the Object Groups for Access Control Lists (ACLs) feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco Firepower Threat Defense (FTD) Software. This...

CVSS 5.8 · AI score 7.2 · EPSS 0.00395
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/23 6:36 a.m. · 6 views

CVE-2024-47156

Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak...

CVSS 5.5 · AI score 6.6 · EPSS 0.00147
Exploits: 0
RedhatCVE
added 2025/05/23 5:12 a.m. · 10 views

CVE-2023-23482

IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch...

CVSS 9.6 · AI score 6.5 · EPSS 0.0061
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/23 5:0 a.m. · 7 views

CVE-2023-51433

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak...

CVSS 5.5 · AI score 6.7 · EPSS 0.00131
Exploits: 0
RedhatCVE
added 2025/05/23 3:55 a.m. · 5 views

CVE-2023-34154

Vulnerability of undefined permissions in HUAWEI VR screen projection. Successful exploitation of this vulnerability will cause third-party apps to create windows in an arbitrary way, consuming system resources...

CVSS 8.2 · AI score 7 · EPSS 0.00344
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/23 2:11 a.m. · 5 views

CVE-2023-3150

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file posts\managepost.php. The manipulation of the argument id leads to sql injection. The attack can be launched...

CVSS 8.8 · AI score 7.4 · EPSS 0.00751
Exploits: 1 · References: 1
RedhatCVE
added 2025/05/23 1:20 a.m. · 7 views

CVE-2022-21338

Vulnerability in the Oracle Communications Convergence product of Oracle Communications Applications component: General Framework. The supported version that is affected is 3.0.2.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVSS 4.9 · AI score 5.7 · EPSS 0.00524
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/23 1:14 a.m. · 5 views

CVE-2022-41597

The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA). Successful exploitation of this vulnerability may affect the fingerprint service...

CVSS 3.4 · AI score 7.1 · EPSS 0.00145
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 11:16 p.m. · 14 views

CVE-2022-39044

Hidden functionality vulnerability in multiple Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and...

CVSS 6.8 · AI score 7.5 · EPSS 0.00317
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 8:0 p.m. · 9 views

CVE-2021-37047

There is an Input verification vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause some services to restart...

CVSS 7.5 · AI score 6.8 · EPSS 0.00655
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 7:33 p.m. · 6 views

CVE-2021-28001

A cross-site scripting vulnerability was discovered in the Comments parameter in Textpattern CMS 4.8.4 which allows remote attackers to execute arbitrary code via a crafted payload entered into the URL field. The vulnerability is triggered by users visiting...

CVSS 5.4 · AI score 7 · EPSS 0.01019
Exploits: 1 · References: 1
RedhatCVE
added 2025/05/22 4:21 p.m. · 5 views

CVE-2020-14772

Vulnerability in the Hyperion Lifecycle Management product of Oracle Hyperion component: Shared Services. The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Lifecycle Management...

CVSS 4.2 · AI score 5.2 · EPSS 0.00831
Exploits: 0
RedhatCVE
added 2025/05/22 4:4 p.m. · 4 views

CVE-2020-25238

A vulnerability has been identified in PCS neo Administration Console All versions V3.1, TIA Portal V15, V15.1 and V16. Manipulating certain files in specific folders could allow a local attacker to execute code with SYSTEM privileges. The security vulnerability could be exploited by an attacker...

CVSS 7.8 · AI score 7 · EPSS 0.00862
Exploits: 0
RedhatCVE
added 2025/05/22 3:38 p.m. · 4 views

CVE-2020-5253

NetHack before version 3.6.0 allowed malicious use of escaping of characters in the configuration file (usually .nethackrc) which could be exploited. This bug is patched in NetHack 3.6.0...

CVSS 9.8 · AI score 6.7 · EPSS 0.00543
Exploits: 0
RedhatCVE
added 2025/05/22 1:9 p.m. · 8 views

CVE-2018-15003

The Coolpad Defiant (Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys) and the T-Mobile Revvl Plus (Coolpad/alchemy/alchemy:7.1.1/143.14.171129.3701A-TMO/buildfnj02-206:user/release-keys) Android devices contain a pre-installed platform app with a package name of...

CVSS 7.5 · AI score 6.8 · EPSS 0.01829
Exploits: 1 · References: 1