Search Results (323005 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-68463 2025-12-18 4.9 Medium
Bio.Entrez in Biopython through 186 allows doctype XXE.
CVE-2025-68462 1 Debian 1 Freedombox 2025-12-18 3.2 Low
Freedombox before 25.17.1 does not set proper permissions for the backups-data directory, allowing the reading of dump files of databases.
CVE-2025-68459 2025-12-18 7.2 High
RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service.
CVE-2025-47387 2025-12-18 7.8 High
Memory Corruption when processing IOCTLs for JPEG data without verification.
CVE-2025-47382 2025-12-18 7.8 High
Memory corruption while loading an invalid firmware in boot loader.
CVE-2025-47372 2025-12-18 9 Critical
Memory Corruption when a corrupted ELF image with an oversized file size is read into a buffer without authentication.
CVE-2025-47350 2025-12-18 7.8 High
Memory corruption while handling concurrent memory mapping and unmapping requests from a user-space application.
CVE-2025-47325 2025-12-18 6.5 Medium
Information disclosure while processing system calls with invalid parameters.
CVE-2025-47323 2025-12-18 7.8 High
Memory corruption while routing GPR packets between user and root when handling large data packet.
CVE-2025-47322 2025-12-18 7.8 High
Memory corruption while handling IOCTL calls to set mode.
CVE-2025-47321 2025-12-18 7.8 High
Memory corruption while copying packets received from unix clients.
CVE-2025-47320 2025-12-18 7.8 High
Memory corruption while processing MFC channel configuration during music playback.
CVE-2025-47319 2025-12-18 6.7 Medium
Information disclosure while exposing internal TA-to-TA communication APIs to HLOS.
CVE-2025-27063 2025-12-18 7.8 High
Memory corruption during video playback when video session open fails with time out error.
CVE-2025-7195 1 Redhat 13 Acm, Advanced Cluster Security, Apicurio Registry and 10 more 2025-12-18 5.2 Medium
Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used Operator-SDK before 0.15.2 to scaffold their operator may still be impacted by this if the insecure user_setup script is still being used to build new container images. In affected images, the /etc/passwd file is created during build time with group-writable permissions and a group ownership of root (gid=0). An attacker who can execute commands within an affected container, even as a non-root user, may be able to leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.
CVE-2025-68461 1 Roundcube 1 Webmail 2025-12-18 7.2 High
Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a Cross-Site-Scripting (XSS) vulnerability via the animate tag in an SVG document.
CVE-2025-68460 1 Roundcube 1 Webmail 2025-12-18 7.2 High
Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to an information disclosure vulnerability in the HTML style sanitizer.
CVE-2025-59374 1 Asus 1 Live Update 2025-12-18 N/A
"UNSUPPORTED WHEN ASSIGNED" Certain versions of the ASUS Live Update client were distributed with unauthorized modifications introduced through a supply chain compromise. The modified builds could cause devices meeting specific targeting conditions to perform unintended actions. Only devices that met these conditions and installed the compromised versions were affected. The Live Update client has already reached End-of-Support (EOS) in October 2021, and no currently supported devices or products are affected by this issue.
CVE-2025-14727 1 F5 1 Nginx Ingress Controller 2025-12-18 8.3 High
A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2025-20393 1 Cisco 3 Secure Email, Secure Email And Web Manager, Secure Email Gateway 2025-12-18 10 Critical
Cisco is aware of a potential vulnerability. Cisco is currently investigating and will update these details as appropriate as more information becomes available.