Tagged: Cybersecurity Alert

RG – AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an...

Memory corruption while processing MFC channel configuration during music playback. More information : https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html

Memory corruption while copying packets received from unix clients. More information : https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html

Memory corruption while handling IOCTL calls to set mode. More information : https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html

Memory corruption while routing GPR packets between user and root when handling large data packet. More information : https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html

Information disclosure while processing system calls with invalid parameters. More information : https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html

Memory corruption during video playback when video session open fails with time out error. More information : https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html

Information disclosure while exposing internal TA-to-TA communication APIs to HLOS More information : https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html

Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a Cross-Site-Scripting (XSS) vulnerability via the animate tag in an SVG document. More information : https://github.com/roundcube/roundcubemail/commit/bfa032631c36b900e7444dfa278340b33cbf7cdb

Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a information disclosure vulnerability in the HTML style sanitizer. More information : https://github.com/roundcube/roundcubemail/commit/08de250fba731b634bed188bbe18d2f6ef3c7571

The Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the sanitize_pdf_src function regex bypass in all versions up to, and including,...

A security vulnerability has been detected in y_project RuoYi up to 4.8.1. The affected element is an unknown function of the file /monitor/cache/getnames. Such manipulation of the argument fragment leads to code injection. The...

A flaw has been found in OFFIS DCMTK up to 3.6.9. The impacted element is the function DcmQueryRetrieveIndexDatabaseHandle::startFindRequest/DcmQueryRetrieveIndexDatabaseHandle::startMoveRequest in the library dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. This manipulation causes null pointer dereference. The attack...

A vulnerability has been found in ZZCMS 2025. Affected by this issue is the function stripfxg of the file /admin/siteconfig.php of the component Backend Website Settings Module. Such manipulation of the argument icp leads...