🚨 CVE-2025-24297
Due to lack of server-side input validation, attackers can inject malicious JavaScript code into users personal spaces of the web portal.
🎖@cveNotify
Due to lack of server-side input validation, attackers can inject malicious JavaScript code into users personal spaces of the web portal.
🎖@cveNotify
🚨 CVE-2025-24315
Unauthenticated attackers can add devices of other users to their scenes (or arbitrary scenes of other arbitrary users).
🎖@cveNotify
Unauthenticated attackers can add devices of other users to their scenes (or arbitrary scenes of other arbitrary users).
🎖@cveNotify
🚨 CVE-2025-25276
An unauthenticated attacker can hijack other users' devices and potentially control them.
🎖@cveNotify
An unauthenticated attacker can hijack other users' devices and potentially control them.
🎖@cveNotify
🚨 CVE-2025-26857
Unauthenticated attackers can rename arbitrary devices of arbitrary users (i.e., EV chargers).
🎖@cveNotify
Unauthenticated attackers can rename arbitrary devices of arbitrary users (i.e., EV chargers).
🎖@cveNotify
🚨 CVE-2025-27565
An unauthenticated attacker can delete any user's "rooms" by knowing the user's and room IDs.
🎖@cveNotify
An unauthenticated attacker can delete any user's "rooms" by knowing the user's and room IDs.
🎖@cveNotify
🚨 CVE-2025-27575
An unauthenticated attacker can obtain EV charger version and firmware upgrading history by knowing the charger ID.
🎖@cveNotify
An unauthenticated attacker can obtain EV charger version and firmware upgrading history by knowing the charger ID.
🎖@cveNotify
🚨 CVE-2025-27719
Unauthenticated attackers can query an API endpoint and get device details.
🎖@cveNotify
Unauthenticated attackers can query an API endpoint and get device details.
🎖@cveNotify
🚨 CVE-2025-27927
An unauthenticated attackers can obtain a list of smart devices by knowing a valid username through an unprotected API.
🎖@cveNotify
An unauthenticated attackers can obtain a list of smart devices by knowing a valid username through an unprotected API.
🎖@cveNotify
🚨 CVE-2025-27929
Unauthenticated attackers can retrieve full list of users associated with arbitrary accounts.
🎖@cveNotify
Unauthenticated attackers can retrieve full list of users associated with arbitrary accounts.
🎖@cveNotify
🚨 CVE-2025-30257
Unauthenticated attackers can retrieve serial number of smart meters associated to a specific user account.
🎖@cveNotify
Unauthenticated attackers can retrieve serial number of smart meters associated to a specific user account.
🎖@cveNotify
🚨 CVE-2025-30512
Unauthenticated attackers can send configuration settings to device and possible perform physical actions remotely (e.g., on/off).
🎖@cveNotify
Unauthenticated attackers can send configuration settings to device and possible perform physical actions remotely (e.g., on/off).
🎖@cveNotify
🚨 CVE-2025-31147
Unauthenticated attackers can query information about total energy consumed by EV chargers of arbitrary users.
🎖@cveNotify
Unauthenticated attackers can query information about total energy consumed by EV chargers of arbitrary users.
🎖@cveNotify
🚨 CVE-2022-49957
In the Linux kernel, the following vulnerability has been resolved:
kcm: fix strp_init() order and cleanup
strp_init() is called just a few lines above this csk->sk_user_data
check, it also initializes strp->work etc., therefore, it is
unnecessary to call strp_done() to cancel the freshly initialized
work.
And if sk_user_data is already used by KCM, psock->strp should not be
touched, particularly strp->work state, so we need to move strp_init()
after the csk->sk_user_data check.
This also makes a lockdep warning reported by syzbot go away.
🎖@cveNotify
In the Linux kernel, the following vulnerability has been resolved:
kcm: fix strp_init() order and cleanup
strp_init() is called just a few lines above this csk->sk_user_data
check, it also initializes strp->work etc., therefore, it is
unnecessary to call strp_done() to cancel the freshly initialized
work.
And if sk_user_data is already used by KCM, psock->strp should not be
touched, particularly strp->work state, so we need to move strp_init()
after the csk->sk_user_data check.
This also makes a lockdep warning reported by syzbot go away.
🎖@cveNotify
🚨 CVE-2025-40843
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.
CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which is executed by the CodeChecker log command.
This issue affects CodeChecker: through 6.26.1.
🎖@cveNotify
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.
CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which is executed by the CodeChecker log command.
This issue affects CodeChecker: through 6.26.1.
🎖@cveNotify
GitHub
Buffer overflow in CodeChecker log command
### Summary
CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal `ldlogger` library, which is executed by the `CodeChecker log` command.
### Details
Unsafe...
CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal `ldlogger` library, which is executed by the `CodeChecker log` command.
### Details
Unsafe...
🚨 CVE-2025-63293
FairSketch Rise Ultimate Project Manager & CRM 3.9.4 is vulnerable to Insecure Permissions. A remote authenticated user can append comments or upload attachments to tickets for which they lack view or edit authorization, due to missing authorization checks in the ticketing/commenting API.
🎖@cveNotify
FairSketch Rise Ultimate Project Manager & CRM 3.9.4 is vulnerable to Insecure Permissions. A remote authenticated user can append comments or upload attachments to tickets for which they lack view or edit authorization, due to missing authorization checks in the ticketing/commenting API.
🎖@cveNotify
Fairsketch
Simplify your software experience | Fairsketch
🚨 CVE-2020-0656
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'.
🎖@cveNotify
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'.
🎖@cveNotify
🚨 CVE-2024-38182
Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network.
🎖@cveNotify
Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network.
🎖@cveNotify
🚨 CVE-2025-37828
In the Linux kernel, the following vulnerability has been resolved:
scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort()
A race can occur between the MCQ completion path and the abort handler:
once a request completes, __blk_mq_free_request() sets rq->mq_hctx to
NULL, meaning the subsequent ufshcd_mcq_req_to_hwq() call in
ufshcd_mcq_abort() can return a NULL pointer. If this NULL pointer is
dereferenced, the kernel will crash.
Add a NULL check for the returned hwq pointer. If hwq is NULL, log an
error and return FAILED, preventing a potential NULL-pointer
dereference. As suggested by Bart, the ufshcd_cmd_inflight() check is
removed.
This is similar to the fix in commit 74736103fb41 ("scsi: ufs: core: Fix
ufshcd_abort_one racing issue").
This is found by our static analysis tool KNighter.
🎖@cveNotify
In the Linux kernel, the following vulnerability has been resolved:
scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort()
A race can occur between the MCQ completion path and the abort handler:
once a request completes, __blk_mq_free_request() sets rq->mq_hctx to
NULL, meaning the subsequent ufshcd_mcq_req_to_hwq() call in
ufshcd_mcq_abort() can return a NULL pointer. If this NULL pointer is
dereferenced, the kernel will crash.
Add a NULL check for the returned hwq pointer. If hwq is NULL, log an
error and return FAILED, preventing a potential NULL-pointer
dereference. As suggested by Bart, the ufshcd_cmd_inflight() check is
removed.
This is similar to the fix in commit 74736103fb41 ("scsi: ufs: core: Fix
ufshcd_abort_one racing issue").
This is found by our static analysis tool KNighter.
🎖@cveNotify