PT-2025-41929

Name of the Vulnerable Software and Affected Versions Ivanti EPMM versions prior to 12.6.0.2 Ivanti EPMM versions prior to 12.5.0.4 Ivanti EPMM versions prior to 12.4.0.4 Description A path traversal issue exists in the admin panel of Ivanti EPMM. A remote, authenticated attacker with...

EUVD-2025-27256

Malicious code in bioql PyPI...

EUVD-2022-5501

Malicious code in bioql PyPI...

CVE-2025-6631 PRT File Parsing Out-of-Bounds Write Vulnerability

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

CVE-2025-38429 bus: mhi: ep: Update read pointer only after buffer is written

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Update read pointer only after buffer is written Inside mhiepringaddelement, the read pointer rdoffset is updated before the buffer is written, potentially causing race conditions where the host sees an updated read...

PT-2025-27969

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.128 Description: A bug in the jffs2 file system has been detected, caused by a fault injection in jffs2 prealloc raw node refs. The function jffs2 sum write sumnode does not check the return value of jffs2...

CVE-2023-22093

Vulnerability in the Oracle iRecruitment product of Oracle E-Business Suite component: Requisition and Vacancy. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iRecruitment...

CVE-2025-20242

A vulnerability in the Cloud Connect component of Cisco Unified Contact Center Enterprise CCE could allow an unauthenticated, remote attacker to read and modify data on an affected device. This vulnerability is due to a lack of proper authentication controls. An attacker could exploit this...

itech iLabClient 安全漏洞

itech iLabClient is a powerful sender-side lab data receiving software from itech. A security vulnerability exists in itech iLabClient version 3.7.1, which stems from the use of the hard-coded key YngAYdgAE/kKZYu2F2wm6w== to allow local users to read and write to the database...

SUSE CVE-2025-21845

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: sst: Fix SST write failure 'commit 18bcb4aa54ea "mtd: spi-nor: sst: Factor out common write operation to sstnorwritedata"' introduced a bug where only one byte of data is written, regardless of the number of bytes...

CVE-2025-21845

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: sst: Fix SST write failure 'commit 18bcb4aa54ea "mtd: spi-nor: sst: Factor out common write operation to sstnorwritedata"' introduced a bug where only one byte of data is written, regardless of the number of bytes...

DEBIAN-CVE-2025-21845

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: sst: Fix SST write failure 'commit 18bcb4aa54ea "mtd: spi-nor: sst: Factor out common write operation to sstnorwritedata"' introduced a bug where only one byte of data is written, regardless of the number of bytes...

UBUNTU-CVE-2025-21845

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: sst: Fix SST write failure 'commit 18bcb4aa54ea "mtd: spi-nor: sst: Factor out common write operation to sstnorwritedata"' introduced a bug where only one byte of data is written, regardless of the number of bytes...

SAP Business One 授权问题漏洞

SAP Business One is a suite of business management software from the German company SAP. The software includes functionality for financial management, operations management, and human resource management. SAP Business One suffers from an authorization issue vulnerability that stems from improper...

CVE-2024-52939

CVE-2024-52939 is a vulnerability reported in the Imagination Technologies PowerVR-GPU stack where kernel software running inside a Guest VM can post improper commands to the GPU firmware, triggering a write of data outside the Guest VM’s virtualised GPU memory. The issue is described as a local ...

CVE-2025-21550

Vulnerability in the Oracle Financial Services Behavior Detection Platform product of Oracle Financial Services Applications component: Web UI. Supported versions that are affected are 8.0.8.1, 8.1.2.7 and 8.1.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network acce...

DEBIAN-CVE-2025-21502

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Orac...

The vulnerability of the Infrastructure component of the Oracle Banking Liquidity Management management platform allows a hacker to gain unauthorized access to read, create, modify, and delete data, or to cause a service failure.

The vulnerability of Oracle Banking Liquidity Management’s infrastructure component relates to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to read, create, modify, and delete data, or cause...

CVE-2024-21264

Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft component: Activity Guide Composer. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

CVE-2024-21188

Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications component: Chatbot. Supported versions that are affected are 6.0.0.0.0 and 6.1.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network acces...