CVE-2025-27045 - Buffer Over-read in Video
CVE ID : CVE-2025-27045
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Information disclosure while processing batch command execution in Video driver.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27045
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Information disclosure while processing batch command execution in Video driver.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27048 - Untrusted Pointer Dereference in Camera
CVE ID : CVE-2025-27048
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Memory corruption while processing camera platform driver IOCTL calls.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27048
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Memory corruption while processing camera platform driver IOCTL calls.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27049 - Buffer Over-read in Camera
CVE ID : CVE-2025-27049
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Transient DOS while processing IOCTL call for image encoding.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27049
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Transient DOS while processing IOCTL call for image encoding.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27053 - Incorrect Calculation of Buffer Size in HLOS
CVE ID : CVE-2025-27053
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption during PlayReady APP usecase while processing TA commands.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27053
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption during PlayReady APP usecase while processing TA commands.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27054 - Out-of-bounds Write in Display
CVE ID : CVE-2025-27054
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing a malformed license file during reboot.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27054
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing a malformed license file during reboot.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27059 - Use of Out-of-range Pointer Offset in TZ Firmware
CVE ID : CVE-2025-27059
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while performing SCM call.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27059
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while performing SCM call.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27060 - Untrusted Pointer Dereference in TZ Firmware
CVE ID : CVE-2025-27060
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while performing SCM call with malformed inputs.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27060
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while performing SCM call with malformed inputs.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47338 - Untrusted Pointer Dereference in DSP Service
CVE ID : CVE-2025-47338
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing escape commands from userspace.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47338
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing escape commands from userspace.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47340 - Out-of-bounds Write in DSP Service
CVE ID : CVE-2025-47340
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing IOCTL call to get the mapping.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47340
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing IOCTL call to get the mapping.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47341 - Buffer Copy Without Checking Size of Input in Camera
CVE ID : CVE-2025-47341
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : memory corruption while processing an image encoding completion event.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47341
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : memory corruption while processing an image encoding completion event.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47342 - Use After Free in BT Controller
CVE ID : CVE-2025-47342
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Transient DOS may occur when multi-profile concurrency arises with QHS enabled.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47342
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Transient DOS may occur when multi-profile concurrency arises with QHS enabled.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47347 - Stack-based Buffer Overflow in Automotive Software platform based on QNX
CVE ID : CVE-2025-47347
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing control commands in the virtual memory management interface.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47347
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing control commands in the virtual memory management interface.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47349 - Use of Out-of-range Pointer Offset in DSP Service
CVE ID : CVE-2025-47349
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing an escape call.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47349
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing an escape call.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47351 - Integer Overflow or Wraparound in DSP Service
CVE ID : CVE-2025-47351
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing user buffers.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47351
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing user buffers.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47354 - Use After Free in DSP Service
CVE ID : CVE-2025-47354
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while allocating buffers in DSP service.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47354
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while allocating buffers in DSP service.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47355 - Out-of-bounds Write in DSP Service
CVE ID : CVE-2025-47355
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while invoking remote procedure IOCTL calls.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47355
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while invoking remote procedure IOCTL calls.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6038 - Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme <= 1.4.0 - Authenticated (Subscriber+) Privilege Escalation
CVE ID : CVE-2025-6038
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for WordPress is vulnerable to privilege escalation via password update in all versions up to, and including, 1.4.0. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's passwords, including those of administrators.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6038
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for WordPress is vulnerable to privilege escalation via password update in all versions up to, and including, 1.4.0. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's passwords, including those of administrators.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7526 - WP Travel Engine – Tour Booking Plugin – Tour Operator Software <= 6.6.7 - Authenticated (Subscriber+) Arbitrary File Deletion via File Renaming
CVE ID : CVE-2025-7526
Published : Oct. 9, 2025, 6:15 a.m. | 2 hours, 33 minutes ago
Description : The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to arbitrary file deletion (via renaming) due to insufficient file path validation in the set_user_profile_image function in all versions up to, and including, 6.6.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7526
Published : Oct. 9, 2025, 6:15 a.m. | 2 hours, 33 minutes ago
Description : The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to arbitrary file deletion (via renaming) due to insufficient file path validation in the set_user_profile_image function in all versions up to, and including, 6.6.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7634 - WP Travel Engine – Tour Booking Plugin – Tour Operator Software <= 6.6.7 - Unauthenticated Local File Inclusion
CVE ID : CVE-2025-7634
Published : Oct. 9, 2025, 6:15 a.m. | 2 hours, 33 minutes ago
Description : The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.6.7 via the mode parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7634
Published : Oct. 9, 2025, 6:15 a.m. | 2 hours, 33 minutes ago
Description : The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.6.7 via the mode parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-11522 - Search & Go - Directory WordPress Theme <= 2.7 - Authentication Bypass to Privilege Escalation via Account Takeover
CVE ID : CVE-2025-11522
Published : Oct. 9, 2025, 8:15 a.m. | 33 minutes ago
Description : The Search & Go - Directory WordPress Theme theme for WordPress is vulnerable to Authentication Bypass via account takeover in all versions up to, and including, 2.7. This is due to insufficient user validation in the search_and_go_elated_check_facebook_user() function This makes it possible for unauthenticated attackers to gain access to other user's accounts, including administrators, when Facebook login is enabled.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-11522
Published : Oct. 9, 2025, 8:15 a.m. | 33 minutes ago
Description : The Search & Go - Directory WordPress Theme theme for WordPress is vulnerable to Authentication Bypass via account takeover in all versions up to, and including, 2.7. This is due to insufficient user validation in the search_and_go_elated_check_facebook_user() function This makes it possible for unauthenticated attackers to gain access to other user's accounts, including administrators, when Facebook login is enabled.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-11539 - Arbitrary Code Execution in Grafana Image Renderer Plugin
CVE ID : CVE-2025-11539
Published : Oct. 9, 2025, 8:15 a.m. | 33 minutes ago
Description : Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then loaded by the Chromium process. Instances are vulnerable if: 1. The default token ("authToken") is not changed, or is known to the attacker. 2. The attacker can reach the image renderer endpoint. This issue affects grafana-image-renderer: from 1.0.0 through 4.0.16.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-11539
Published : Oct. 9, 2025, 8:15 a.m. | 33 minutes ago
Description : Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then loaded by the Chromium process. Instances are vulnerable if: 1. The default token ("authToken") is not changed, or is known to the attacker. 2. The attacker can reach the image renderer endpoint. This issue affects grafana-image-renderer: from 1.0.0 through 4.0.16.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...