7.5

CVSS3.1

CVE-2025-31497 - TEIGarage XML External Entity (XXE) Injection in Document Conversion Service

TEIGarage is a webservice and RESTful service to transform, convert and validate various formats, focussing on the TEI format. The Document Conversion Service contains a critical XML External Entity (XXE) Injection vulnerability in its document conversion functionality. The service processes XML fiโ€ฆ

๐Ÿ“… Published: April 15, 2025, 8 p.m. ๐Ÿ”„ Last Modified: April 16, 2025, 1:25 p.m.

9.3

CVSS4.0

CVE-2025-2567 - Lantronix Xport Missing Authentication for Critical Function

An attacker could modify or disable settings, disrupt fuel monitoring and supply chain operations, leading to disabling of ATG monitoring. This would result in potential safety hazards in fuel storage and transportation.

๐Ÿ“… Published: April 15, 2025, 7:59 p.m. ๐Ÿ”„ Last Modified: April 16, 2025, 1:25 p.m.

8.8

CVSS3.1

CVE-2025-32438 - Local privilege escalation in make-initrd-ng

make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled (the default) a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 aโ€ฆ

๐Ÿ“… Published: April 15, 2025, 7:57 p.m. ๐Ÿ”„ Last Modified: April 16, 2025, 1:25 p.m.

6.7

CVSS3.1

CVE-2025-1122 -

Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 15753.50.0 stable on Cr50 Boards allows an attacker with root access to gain persistence and Bypass operating system verification via exploiting the NV_Read functionality during the Challenge-Response process.

๐Ÿ“… Published: April 15, 2025, 7:51 p.m. ๐Ÿ”„ Last Modified: Oct. 6, 2025, 4:56 p.m.

6.7

CVSS3.1

CVE-2025-1292 - TPM2 Out-Of-Bounds Write Leading to Potential Operating System Verification Bypass in ChromeOS

Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 122.0.6261.132 stable on Cr50 Boards allows an attacker with root access to gain persistence and bypass operating system verification via exploiting the NV_Read functionality during the Challenge-Response process.

๐Ÿ“… Published: April 15, 2025, 7:46 p.m. ๐Ÿ”„ Last Modified: Oct. 6, 2025, 4:55 p.m.

6.5

CVSS3.1

CVE-2025-32439 - pleezer allows resource exhaustion through uncollected hook script processes

pleezer is a headless Deezer Connect player. Hook scripts in pleezer can be triggered by various events like track changes and playback state changes. In versions before 0.16.0, these scripts were spawned without proper process cleanup, leaving zombie processes in the system's process table. Even dโ€ฆ

๐Ÿ“… Published: April 15, 2025, 7:27 p.m. ๐Ÿ”„ Last Modified: April 16, 2025, 1:25 p.m.

0.0

CVE-2025-34998 -

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.

๐Ÿ“… Published: April 15, 2025, 7:15 p.m. ๐Ÿ”„ Last Modified: Jan. 2, 2026, 4:35 p.m.

0.0

CVE-2025-34993 -

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.

๐Ÿ“… Published: April 15, 2025, 7:15 p.m. ๐Ÿ”„ Last Modified: Jan. 2, 2026, 4:35 p.m.

0.0

CVE-2025-34995 -

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.

๐Ÿ“… Published: April 15, 2025, 7:15 p.m. ๐Ÿ”„ Last Modified: Jan. 2, 2026, 4:35 p.m.

0.0

CVE-2025-35002 -

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.

๐Ÿ“… Published: April 15, 2025, 7:15 p.m. ๐Ÿ”„ Last Modified: Jan. 2, 2026, 4:35 p.m.
Total resulsts: 343825
Page 5281 of 34,383
ยซ previous page ยป next page
Filters