Security Vulnerabilities
Input verification vulnerability in the home screen module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
6.2
EPSS Score
0.0
Published
2025-08-06
Vulnerability of insufficient information protection in the media library module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
6.2
EPSS Score
0.0
Published
2025-08-06
Status verification vulnerability in the lock screen module.
Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-08-06
Authentication management vulnerability in the ArkWeb module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
7.7
EPSS Score
0.0
Published
2025-08-06
Vulnerability that allows setting screen rotation direction without permission verification in the screen management module.
Impact: Successful exploitation of this vulnerability may cause device screen orientation to be arbitrarily set.
CVSS Score
6.2
EPSS Score
0.0
Published
2025-08-06
Out-of-bounds access vulnerability in the audio codec module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-08-06
Path traversal vulnerability in the virtualization file module. Successful exploitation of this vulnerability may affect the confidentiality of the virtualization file module.
CVSS Score
8.4
EPSS Score
0.0
Published
2025-08-06
Race condition vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentiality and integrity of the virtualization graphics module.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-08-06
Path traversal vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentiality of the virtualization module.
CVSS Score
8.4
EPSS Score
0.0
Published
2025-08-06
Fiber is an Express inspired web framework written in Go. In versions 2.52.8 and below, when using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index (e.g., test.18446744073704), the application crashes due to an out-of-bounds slice allocation in the underlying schema decoder. The root cause is that the decoder attempts to allocate a slice of length idx + 1 without validating whether the index is within a safe or reasonable range. If the idx is excessively large, this leads to an integer overflow or memory exhaustion, causing a panic or crash. This is fixed in version 2.52.9.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-06