CVE-2026-50751
Check Point Security Gateway is affected by an improper authentication vulnerability that is currently being exploited in the wild.
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality.
Sunday's disclosures center on industrial control systems and enterprise network infrastructure, headlined by a critical flaw in Nefteprodukttekhnika's BUK TS-G gas station automation system alongside actively exploited weaknesses in Ivanti, Check Point, and Cisco edge devices. The day brought 1 critical vulnerability, down 94% from the prior day's 18, and 34 high-priority CVEs, up 10% from 31. Notable named issues include CVE-2026-12183 (CVSS 9.8) in the BUK TS-G automation platform, CVE-2026-10520 (CVSS 10) in Ivanti Sentry, and CVE-2026-35273 (CVSS 9.8) in Oracle PeopleSoft Enterprise PeopleTools. Attack patterns skew toward remote code execution and authentication bypass against perimeter security appliances and management consoles. No patches were available at disclosure for the day's CVEs, warranting prioritized monitoring and compensating controls for exposed systems.
Immediate action: Prioritize exposed Ivanti Sentry, Check Point Security Gateway, Oracle PeopleSoft, and Cisco Catalyst SD-WAN Manager instances, all under active exploitation, and isolate the BUK TS-G industrial automation system from untrusted networks. With no patches currently available, apply vendor workarounds, restrict management interface access, and increase monitoring on perimeter and ICS assets until fixes ship.
A critical OS command injection vulnerability in Ivanti Sentry allows remote unauthenticated users to achieve root-level remote code execution.
An unauthenticated, easily exploitable vulnerability in the PeopleSoft Updates Environment Management component allows for complete system takeover via HTTP.
LiteLLM contains a command injection vulnerability in its MCP server test endpoints that, when chained with a host header bypass, enables unauthenticated remote code execution.
An out-of-bounds read and write vulnerability in the V8 JavaScript engine allows remote attackers to execute arbitrary code via a crafted HTML page.
Arista Extensible Operating System is affected by an incomplete comparison vulnerability, currently tracked in the CISA KEV catalog.
A command injection and privilege escalation vulnerability exists in the CLI of Cisco Catalyst SD-WAN Manager due to insufficient input validation.
The BUK TS-G automation system contains an authentication bypass vulnerability that allows remote, unauthenticated attackers to execute arbitrary administrative actions.
Zoom Contact Center for Windows contains a vulnerability involving insufficient verification of data authenticity during remote control sessions.
Microsoft Teams for Android contains an injection vulnerability that allows an authenticated attacker to disclose sensitive runtime information from heap memory.
Unsafe parameter handling during State Snapshot Transfer (SST) in MariaDB server allows malicious joiner nodes to execute arbitrary shell commands on the donor node.
Insufficient validation of parameters during State Snapshot Transfer (SST) in MariaDB server allows malicious joiner nodes to execute arbitrary shell commands via rsync.
A high-privileged MariaDB user can exploit system variables to execute arbitrary shell commands as the mariadbd process user on Galera nodes.
Microsoft Office SharePoint contains an improper authorization vulnerability that allows an authorized attacker to execute arbitrary code remotely.
A heap buffer out-of-bounds write vulnerability in Avast Antivirus scanning logic for malformed Windows PE files may allow local code execution or denial-of-service.
A heap buffer out-of-bounds read vulnerability in Avast Antivirus during the scanning of malformed Windows PE files with .NET metadata may cause local code execution or denial-of-service.
An out-of-bounds write vulnerability in Adobe Acrobat Reader allows attackers to execute arbitrary code in the context of the current user via malicious file interaction.
Apache CXF contains an incomplete fix for a previous vulnerability, potentially allowing remote code execution if untrusted users configure JMS.
A JNDI Injection vulnerability in Apache CXF's JCA integration module allows unauthenticated remote code execution via manipulated deployment descriptors or activation parameters.
A format string vulnerability in the D-Link DCS-935L HTTP handler allows remote attackers to compromise the device via the snprintf function in the CGI binary.
A memory corruption vulnerability in the Linux kernel KVM for arm64 allows a local attacker to access freed memory via improper reassignment of the nested_mmus array.
A use-after-free vulnerability in the Linux kernel device tree unit test code allows a local attacker to crash the kernel or execute code with kernel privileges.
An improper initialization vulnerability exists in the Linux kernel's mprls0025pa pressure driver, which fails to zero out the spi_transfer structure before use.
The Linux kernel's ath5k Wi-Fi driver contains an array-index-out-of-bounds vulnerability that results in a minor out-of-bounds write.
An improper authorization vulnerability in the Zoom Workplace custom URL scheme handler allows unauthenticated users to perform privilege escalation via network access.
A privilege escalation vulnerability exists in the Zoom Workplace custom URL scheme handler, allowing unauthenticated network-based attackers to elevate their access rights.
A privilege escalation vulnerability in OpenClaw allows attackers with Slack account access to manipulate display name metadata to impersonate other identities.
A buffer overflow exists in the Linux kernel's greybus driver, specifically within the cc1352_bootloader_rx function, due to missing bounds checks on receive buffers.
A heap buffer out-of-bounds read vulnerability in the Avira Antivirus engine occurs when scanning malformed PDF files, potentially causing a crash or local code execution.
The Avira Antivirus engine is susceptible to a heap buffer out-of-bounds read when parsing malformed PDF files, leading to potential denial of service or local code execution.
A buffer overflow vulnerability in QNAP File Station 5 allows authenticated remote attackers to modify memory or crash system processes.
Spring for GraphQL applications are vulnerable to unsafe deserialization during the processing of paginated queries, which can lead to remote code execution.
A symlink mishandling vulnerability in the LiteSpeed cPanel plugin allows users with limited access to escalate privileges on shared hosting environments.
A validation flaw in the Linux kernel's `isofs` filesystem driver allows an attacker to provide a crafted ISO image that triggers out-of-bounds memory access.
The Yarbo cloud platform fails to enforce proper per-device or per-user authorization, allowing unauthorized access to global robot commands.
Naxclow smart devices utilize static, non-rotating relay credentials, allowing persistent unauthorized access to device relay channels.
ApostropheCMS contains a password reset vulnerability where an unauthenticated attacker can manipulate the Host header to redirect password reset emails to an attacker-controlled domain.
An incorrect authorization vulnerability in QNAP File Station 6 allows authenticated users to bypass access restrictions and potentially gain unauthorized access to data.
Spring for GraphQL applications utilizing WebSocket transport are susceptible to Cross-Site WebSocket Hijacking (CSWSH) attacks.
OpenClaw contains an approval display truncation vulnerability that allows authenticated users to hide command suffixes from approvers, enabling unauthorized command execution.
Improper state verification in Okta's OAuth implementation allows attackers to manipulate authentication flows, potentially linking a victim's account to an attacker-controlled account.
The Kitty GPU-based terminal emulator contains a security vulnerability that may allow for unauthorized system interaction.