Aggregator

A vulnerability was found in Intel Reference Platform. It has been declared as critical. The impacted element is an unknown function of the component UEFI FlashUcAcmSmm Module. Such manipulation leads to improper input validation. This vulnerability is listed as CVE-2025-20064. The attack must be carried out locally. There is no available exploit.

A vulnerability was found in Google Android. It has been classified as critical. The affected element is the function EfwApTransport::ProcessRxRing of the file efw_ap_transport.cc. This manipulation causes out-of-bounds write. This vulnerability is tracked as CVE-2026-0123. The attack is restricted to local execution. No exploit exists. It is suggested to install a patch to address this issue.

A vulnerability was found in Craft Commerce up to 5.5.2 and classified as problematic. Impacted is an unknown function of the component Commerce Inventory Page. The manipulation of the argument Product Title/Variant Title/Variant SKU results in cross site scripting. This vulnerability is identified as CVE-2026-29175. The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability has been found in Google Android and classified as critical. This issue affects the function usim_SendMCCMNCIndMsg of the file usim_Registration.c. The manipulation leads to out-of-bounds write. This vulnerability is referenced as CVE-2026-0119. It is possible to launch the attack on the physical device. No exploit is available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, was found in Google Android. This vulnerability affects unknown code of the component oobconfig. Executing a manipulation can lead to out-of-bounds read. The identification of this vulnerability is CVE-2026-0118. The attack can only be executed locally. There is no exploit available. It is best practice to apply a patch to resolve this issue.

A vulnerability, which was classified as critical, has been found in Google Android. This affects the function mfc_dec_dqbuf of the file mfc_dec_v4l2.c. Performing a manipulation results in out-of-bounds write. This vulnerability was named CVE-2026-0117. The attack needs to be approached locally. There is no available exploit. Applying a patch is the recommended action to fix this issue.

A vulnerability classified as critical was found in Intel Reference Platform. Affected by this issue is some unknown functionality of the component UEFI Firmware. Such manipulation leads to improper input validation. This vulnerability is uniquely identified as CVE-2025-20096. Local access is required to approach this attack. No exploit exists.

A vulnerability classified as critical has been found in Intel Reference Platform See references. Affected by this vulnerability is an unknown functionality of the component UEFI Firmware. This manipulation causes memory corruption. This vulnerability is handled as CVE-2025-20005. It is possible to launch the attack on the local host. There is not any exploit available.

A vulnerability described as critical has been identified in Intel Reference Platform See references. Affected is an unknown function of the component WheaERST SMM Module. The manipulation results in time-of-check time-of-use. This vulnerability is known as CVE-2025-20028. Attacking locally is a requirement. No exploit is available.

A vulnerability marked as problematic has been reported in Google Android. This impacts an unknown function of the component VPU. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2026-0121. An attack has to be approached locally. There is no exploit available. It is suggested to install a patch to address this issue.

A vulnerability labeled as problematic has been found in Intel Reference Platform. This affects an unknown function of the component UEFI PdaSmm Module. Executing a manipulation can lead to time-of-check time-of-use. This vulnerability appears as CVE-2025-22850. The attack requires local access. There is no available exploit.

A vulnerability identified as critical has been detected in Intel Reference Platform. The impacted element is an unknown function of the component UEFI ImcErrorHandler Module. Performing a manipulation results in improper input validation. This vulnerability is reported as CVE-2025-20068. The attack requires a local approach. No exploit exists.

A vulnerability categorized as critical has been discovered in Intel Reference Platform. The affected element is an unknown function of the component UEFI WheaERST Module. Such manipulation leads to improper input validation. This vulnerability is documented as CVE-2025-20027. The attack needs to be performed locally. There is not any exploit available.

A vulnerability was found in Intel Reference Platform. It has been rated as critical. Impacted is an unknown function of the component SMM Module. This manipulation causes improper input validation. This vulnerability is registered as CVE-2025-20105. The attack needs to be launched locally. No exploit is available.

A vulnerability was found in Intel Reference Platform. It has been declared as critical. This issue affects some unknown processing of the component UEFI DXE Module. The manipulation results in memory corruption. This vulnerability is cataloged as CVE-2025-20073. The attack must be initiated from a local position. There is no exploit available.

A vulnerability was found in Intel Reference Platform. It has been classified as problematic. This vulnerability affects unknown code of the component UEFI PdaSmm Module. The manipulation leads to exposure of resource. This vulnerability is listed as CVE-2025-22444. The attack must be carried out locally. There is no available exploit.

A vulnerability was found in Adobe Illustrator up to 29.8.4/30.1 and classified as problematic. This affects an unknown part of the component File Handler. Executing a manipulation can lead to out-of-bounds read. This vulnerability is tracked as CVE-2026-27270. The attack can be launched remotely. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability has been found in Adobe Illustrator up to 29.8.4/30.1 and classified as problematic. Affected by this issue is some unknown functionality of the component File Handler. Performing a manipulation results in out-of-bounds read. This vulnerability is identified as CVE-2026-27268. The attack can be initiated remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability, which was classified as problematic, was found in Adobe Illustrator up to 29.8.4/30.1. Affected by this vulnerability is an unknown functionality of the component File Handler. Such manipulation leads to untrusted search path. This vulnerability is referenced as CVE-2026-21333. The attack can only be performed from a local environment. No exploit is available. You should upgrade the affected component.

A vulnerability, which was classified as critical, has been found in parse-community parse-server up to 8.6.17/9.0.0 9.5.2-alpha.4. Affected is an unknown function. This manipulation causes improper authentication. The identification of this vulnerability is CVE-2026-30949. It is possible to initiate the attack remotely. There is no exploit available. It is advisable to upgrade the affected component.