• Cybersecurity Vulnerabilities

    CVE-2025-48511: Critical AMD uProf Vulnerability Allows Arbitrary Memory Writes

    Overview: CVE-2025-48511 is a medium severity vulnerability found within the AMD uProf component. This flaw allows a local attacker to potentially write to arbitrary physical addresses due to improper input validation. Successful exploitation could result in a system crash or a denial-of-service (DoS) condition. Technical Details: The vulnerability stems from inadequate input validation within the AMD uProf module. Specifically, the software does not properly sanitize or validate user-supplied input when interacting with memory addresses. This lack of validation enables a malicious local attacker to craft input that forces the application to write data to an unintended and potentially critical physical…

  • Cybersecurity Vulnerabilities

    CVE-2025-48510: Critical Vulnerability in AMD uProf Exposes Systems to KSLR Bypass

    Overview: CVE-2025-48510 is a high-severity security vulnerability affecting AMD uProf. This vulnerability stems from an improper return value, which allows a local attacker to bypass Kernel Space Layout Randomization (KSLR). Successful exploitation of this vulnerability could lead to a loss of confidentiality or availability of the affected system. Technical Details: The vulnerability lies within the error handling or return value logic of a specific function in AMD uProf. A malformed input or unexpected condition can cause the function to return an incorrect value that is not properly validated by the calling function. This allows an attacker with local access to…

  • Cybersecurity Vulnerabilities

    CVE-2025-36150: IBM Concert Hit by Cryptographic Weakness – Secure Your Data Now!

    Overview: CVE-2025-36150 identifies a medium-severity vulnerability affecting IBM Concert versions 1.0.0 through 2.0.0. This vulnerability stems from the use of weaker-than-expected cryptographic algorithms, potentially allowing attackers to decrypt sensitive information. This page provides a detailed analysis of the vulnerability, its potential impact, and necessary mitigation steps. Technical Details: IBM Concert, in versions 1.0.0 to 2.0.0, utilizes cryptographic algorithms that are considered insufficient for protecting highly sensitive data. The specific algorithms or key lengths used are not specified in the initial CVE description, but their weakness makes the encrypted data vulnerable to various cryptanalytic attacks. A successful exploit could allow an…

  • Cybersecurity Vulnerabilities

    CVE-2025-29933: AMD uProf Vulnerable to Out-of-Bounds Write

    Overview: CVE-2025-29933 describes a medium severity vulnerability affecting AMD uProf. This vulnerability stems from improper input validation, which could allow a local attacker to perform an out-of-bounds write operation. Successful exploitation of this vulnerability may lead to a system crash or denial of service. Technical Details: The vulnerability resides within the input handling mechanisms of AMD uProf. Specifically, the application fails to adequately validate user-supplied input before using it to access memory. A local attacker with sufficient privileges could craft malicious input that causes uProf to write data beyond the intended memory buffer, resulting in memory corruption. This out-of-bounds write…

  • Cybersecurity Vulnerabilities

    CVE-2025-0007: Xilinx Runtime – A Path to Kernel Privilege Escalation

    Overview: CVE-2025-0007 is a medium-severity vulnerability found within the Xilinx Run Time (XRT) framework. This vulnerability stems from insufficient validation of input, which could allow a local attacker to escalate privileges from user space to kernel space. Successfully exploiting this flaw can compromise the confidentiality, integrity, and availability of the affected system. This vulnerability was published on 2025-11-24T21:16:02.023 and has a CVSS score of 5.7. Technical Details: The specific technical details of the insufficient validation within the Xilinx Run Time framework are not publicly available beyond the general description provided. However, based on the description, the vulnerability likely resides in…

  • Cybersecurity Vulnerabilities

    CVE-2025-0003: Critical Use-After-Free Vulnerability Plagues Xilinx Runtime

    Overview: CVE-2025-0003 describes a high-severity Use-After-Free vulnerability discovered in Xilinx Runtime. This flaw stems from inadequate lock protection, potentially allowing a local attacker to trigger a Use-After-Free condition. Successful exploitation could lead to a loss of confidentiality or system availability. Technical Details: The vulnerability lies within the Xilinx Runtime (XRT). Insufficient locking mechanisms around shared resources allow a race condition to occur. A local attacker with sufficient privileges can potentially manipulate the timing of operations, leading to a scenario where memory is freed while still being referenced. Subsequently, the attacker can attempt to access or manipulate the freed…

  • Cybersecurity Vulnerabilities

    CVE-2024-14007: Critical Authentication Bypass in TVT NVMS-9000 Exposes Sensitive Data

    Overview: CVE-2024-14007 describes a critical authentication bypass vulnerability affecting Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware versions prior to 1.3.4. This firmware is often used in various white-labeled DVR/NVR/IPC (Digital Video Recorder/Network Video Recorder/IP Camera) products. The vulnerability resides in the NVMS-9000 control protocol, allowing an unauthenticated remote attacker to execute privileged administrative query commands by sending a specially crafted TCP payload to an exposed control port. Technical Details: The NVMS-9000 control protocol lacks proper authentication mechanisms. By sending a specifically crafted TCP packet to the designated control port (typically port 8000 or a similar port), an attacker can…

  • Cybersecurity Vulnerabilities

    Critical Vulnerability in Ruijie NBR Routers: Unauthenticated File Upload (CVE-2023-7330)

    Overview: CVE-2023-7330 describes a critical unauthenticated arbitrary file upload vulnerability affecting Ruijie NBR series routers. Discovered in 2025 and actively exploited since, this flaw allows a remote attacker to upload malicious PHP files to the router without authentication, leading to arbitrary code execution on the device. The vulnerable endpoint is `/ddi/server/fileupload.php`. Technical Details: The vulnerability resides within the `/ddi/server/fileupload.php` endpoint. This endpoint is designed to handle file uploads, but it lacks proper validation and sanitization of user-supplied input. Specifically, the `name` and `uploadDir` parameters can be manipulated by an attacker. The endpoint fails to adequately check the file type, path,…

  • Cybersecurity Vulnerabilities

    CVE-2018-25126: Unmasking a Critical Flaw in TVT NVMS-9000 – Hardcoded Credentials & Command Injection

    Overview: CVE-2018-25126 exposes a significant security vulnerability within the firmware of Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000. This firmware is commonly utilized in various white-labeled Digital Video Recorder (DVR), Network Video Recorder (NVR), and Internet Protocol Camera (IPC) products. The vulnerability stems from two primary issues: the presence of hardcoded API credentials and an OS command injection flaw within the configuration services. This allows unauthenticated remote attackers to gain arbitrary command execution as root. Technical Details: The NVMS-9000 web/API interface accepts HTTP/XML requests. Authentication is bypassed using a fixed vendor credential string, a hardcoded value present within the…

  • Cybersecurity Vulnerabilities

    YCCMS 3.4 Under Attack: Unveiling CVE-2025-64048 Stored XSS Vulnerability

    Overview: CVE-2025-64048 is a medium severity stored Cross-Site Scripting (XSS) vulnerability found in YCCMS version 3.4. This vulnerability resides within the article management functionality, specifically affecting the handling of article titles. An attacker can exploit this flaw to inject malicious JavaScript code into the article title field. When other users view the affected article, the injected script will execute in their browsers, potentially leading to account compromise, data theft, or defacement of the website. Technical Details: The vulnerability stems from insufficient input sanitization within the `add()` and `getPost()` functions of the `ArticleAction.class.php` file. Specifically, the application fails to properly neutralize…