Security Vulnerabilities
Improper input validation in the Netconf service in Infinera MTC-9 allows remote authenticated users to crash the service and
reboot the appliance, thus causing a DoS condition, via crafted XML
payloads.This issue affects MTC-9: from R22.1.1.0275 before R23.0.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-12-08
Permission control vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
4.4
EPSS Score
0.0
Published
2025-12-08
Race condition vulnerability in the audio module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-12-08
Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.1
EPSS Score
0.0
Published
2025-12-08
Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.1
EPSS Score
0.0
Published
2025-12-08
Vulnerability of improper criterion security check in the card module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-12-08
Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity.
CVSS Score
8.4
EPSS Score
0.0
Published
2025-12-08
Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.1
EPSS Score
0.0
Published
2025-12-08
A flaw has been found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file /print_personnel_report.php. This manipulation of the argument per_id causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-12-08
A vulnerability has been found in code-projects Simple Leave Manager 1.0. Affected by this vulnerability is an unknown functionality of the file /request.php. Such manipulation of the argument staff_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-12-08