CVE-2025-54948
Trend Micro Apex One OS Command Injection Vulnerability - Active in CISA KEV catalog.
This curated brief highlights 18 critical vulnerabilities and 100 high-priority updates requiring immediate attention.
Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability - Active in CISA KEV catalog.
Git Link Following Vulnerability - Active in CISA KEV catalog.
Citrix Session Recording Improper Privilege Management Vulnerability - Active in CISA KEV catalog.
Citrix Session Recording Deserialization of Untrusted Data Vulnerability - Active in CISA KEV catalog.
Sangoma FreePBX Authentication Bypass Vulnerability - Active in CISA KEV catalog.
TP-Link TL-WA855RE Missing Authentication for Critical Function Vulnerability - Active in CISA KEV catalog.
Meta Platforms WhatsApp Incorrect Authorization Vulnerability - Active in CISA KEV catalog.
TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability - Active in CISA KEV catalog.
TP-Link Archer C7(EU) and TL-WR841N/ND(MS) OS Command Injection Vulnerability - Active in CISA KEV catalog.
Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability - Active in CISA KEV catalog.
Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Code Injection. This issue affects Experience Manager (XM): through 9.0; Ex...
An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the database, through the 'data%5BAdmin%5D%5Busername%...
An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the database, through the 'data%5BPage%5D%5Bname%5D' p...
An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the database, through the 'data%5BPage%5D%5Bname%5D' p...
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cache Poisoning....
WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-394765106.
WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-396458384.
phpgurukul Online Shopping Portal 2.0 is vulnerable to Arbitrary File Upload in /admin/insert-product.php, due to the lack of extension validation.
Incorrect Default Permissions vulnerability in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.2.2. Users are recommended to upgrade to version 3.3.1, which fixes the i...
In unknown of cd_CnMsgCodecUserApi.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. ...
A Cross-Site Scripting (XSS) vulnerability in DeepSeek R1 through V3.1 allows a remote attacker to execute arbitrary code via unspecified input fields.
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricte...
In VerifyNoOverlapInSessions of apexd.cpp, there is a possible way to block security updates through mainline installations due to a logic error in the code. This could lead to local escalation of pri...
A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote attackers to fully bypass authentication mechanisms, providing them with unrestricted access to alter administ...
Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes allows Privilege Escalation. This issue affects RealHomes: from n/a through 4.3.6.
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass, Password Recovery Exploitation, Brute Force. This issue affects MyRezzta: from...
Elevation of Privilege
5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Version 0.13.2 contains a vulnerability in the chat page's script gadgets that enables content inj...
Promptcraft Forge Studio is a toolkit for evaluating, optimizing, and maintaining LLM-powered applications. All versions contain a non-exhaustive URL scheme check that does not protect against XSS. ...
In multiple locations, there is a possible way to escape chrome sandbox to attack android system_server due to a use after free
Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Remote Code Execution (RCE)
It was possible to perform Remote Command Execution (RCE) via Java RMI interface in the OpenEdge AdminServer, allowing authenticated users to inject and execute OS commands under the delegated authority of the AdminServer process
Use after free in V8 in Google Chrome prior to 140
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BuddyDev MediaPress allows PHP Local File Inclusion
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in immonex immonex Kickstart allows PHP Local File Inclusion
Adacore Ada Web Server (AWS) before 25
A SQL Injection vulnerability was found in phpgurukul Complaint Management System 2
phpgurukul Complaint Management System 2
Inappropriate implementation in Extensions in Google Chrome prior to 140
WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-396462223
Figma Desktop for Windows version 125
phpgurukul Complaint Management System in PHP 2
Out-of-bounds Write vulnerability in libaudiosaplus_sec
Out-of-bounds Write vulnerability in libaudiosaplus_sec
In phpgurukul Doctor Appointment Management System 1
The mikecao/flight PHP framework in versions prior to v1
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP)
A security vulnerability in HCL Compass can allow an attacker to gain unauthorized database access
In draw_surface_image() of abl/android/lib/draw/draw
A flaw has been found in PHPGurukul Beauty Parlour Management System 1
A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1
phpgurukul Complaint Management System in PHP 2
Improper Input Validation vulnerability in Apache DolphinScheduler
In onNullBinding of RemoteFillService
SSH dissector crash in Wireshark 4
Incomplete validation of dunder attributes allows an attacker to escape from the Local Python execution environment sandbox, enforced by smolagents
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft LimonDesk allows Authentication Bypass
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft TaskPano allows Authentication Bypass
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft e-Mutabakat allows Authentication Bypass
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures
NVIDIA DOCA contains a vulnerability in the collectx-clxapidev Debian package that could allow an actor with low privileges to escalate privileges
Fuji Electric FRENIC-Loader 4 is vulnerable to a deserialization of untrusted data when importing a file through a specified window, which may allow an attacker to execute arbitrary code
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPFunnels Mail Mint allows SQL Injection
Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs
Elevation of privilege
A weakness has been identified in D-Link DI-8400 16
In smp_process_secure_connection_oob_data of smp_act
NVIDIA BlueField contains a vulnerability in the management interface, where an attacker with local access could cause incorrect authorization to modify the configuration
Deserialization of Untrusted Data vulnerability in enituretechnology LTL Freight Quotes – Day & Ross Edition allows Object Injection
Improper input validation vulnerability in CertByte prior to SMR Apr-2023 Release 1 allows local attackers to launch privileged activities
IBM Transformation Advisor 2
There is a possible escalation of privilege due to test/debugging code left in a production build
Promptcraft Forge Studio is a toolkit for evaluating, optimizing, and maintaining LLM-powered applications
In SendPacketToPeer of acl_arbiter
Access of Memory Location After End of Buffer vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data
pgAdmin <= 9
In multiple functions of Permissions
In FuseDaemon
In onCreate of ChooserActivity
In multiple locations, there is a possible confused deputy due to Intent Redirect
In multiple locations, there is a possible way to mislead a user into approving an authentication prompt for one app when its result will be used in another due to a logic error in the code
In hasInteractAcrossUsersFullPermission of AppInfoBase
In canForward of IntentForwarderActivity
In handleKeyGestureEvent of PhoneWindowManager
In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code
In afterKeyEventLockedInterruptable of InputDispatcher
In wl_update_hidden_ap_ie() of wl_cfgscan
In wl_cfgscan_update_v3_schedscan_results() of wl_cfgscan
There is a possible escalation of privilege due to a logic error in the code
In lwis_io_buffer_write, there is a possible OOB read/write due to improper input validation
In gxp_mapping_create of gxp_mapping
In assertSafeToStartCustomActivity of AppRestrictionsFragment
In processTransactInternal of RpcState
In onCreate of FaceSettings
In multiple locations, there is a possible way to record audio via a background app due to a missing permission check
In multiple functions of BatteryService
In onCreate of MediaProjectionPermissionActivity
Soft Serve is a self-hostable Git server for the command line
Improper export of component in GoodLock prior to version 2
In ParseTag of dng_ifd
Tenda AC8 v16
In SAEMM_DiscloseMsId of SAEMM_RadioMessageCodec
Denial of service
In TBD of TBD, there is a possible DoS due to a missing null check
Information disclosure
Markdownify is a Model Context Protocol server for converting almost anything to Markdown
The langchain-ai/langchain project, specifically the EverNoteLoader component, is vulnerable to XML External Entity (XXE) attacks due to insecure XML parsing
In multiple functions of ConnectionServiceWrapper
In finishTransition of Transition
In multiple locations, there is a possible way to mislead the user into enabling malicious phone calls forwarding due to a tapjacking/overlay attack
In onCreate of NotificationAccessConfirmationActivity
In onLastAccessedStackLoaded of ActionHandler
A vulnerability was identified in itsourcecode Student Information Management System 1
A security flaw has been discovered in itsourcecode Student Information Management System 1
A security vulnerability has been detected in ScriptAndTools Real Estate Management System 1
Origin Validation Error vulnerability in Akinsoft LimonDesk allows Forceful Browsing
A vulnerability was identified in 1000projects Beauty Parlour Management System 1
A vulnerability has been found in projectworlds Travel Management System 1
A vulnerability was found in projectworlds Travel Management System 1
A vulnerability was determined in projectworlds Travel Management System 1
A vulnerability was identified in projectworlds Travel Management System 1
A security flaw has been discovered in projectworlds Travel Management System 1
A security vulnerability has been detected in 1000projects Beauty Parlour Management System 1
A vulnerability was determined in TOTOLINK N600R 4
NVIDIA DOCA contains a vulnerability in the collectx-dpeserver Debian package for arm64 that could allow an attacker with low privileges to escalate privileges
In markMediaAsFavorite of MediaProvider
In multiple functions of AppOpsControllerImpl
In multiple methods of NotificationChannel