Security Vulnerabilities
Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain.
CVSS Score
7.1
EPSS Score
0.0
Published
2026-03-02
Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-03-02
Memory corruption while handling different IOCTL calls from the user-space simultaneously.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-03-02
Memory Corruption when concurrent access to shared buffer occurs during IOCTL calls.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-03-02
Transient DOS when an LTE RLC packet with invalid TB is received by UE.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-03-02
Memory Corruption when accessing buffers with invalid length during TA invocation.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-03-02
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/admin_change_picture.php.
CVSS Score
7.2
EPSS Score
0.001
Published
2026-03-02
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/edit_tecnical_user.php.
CVSS Score
9.8
EPSS Score
0.0
Published
2026-03-02
An issue in Twenty CRM v1.15.0 and before allows a remote attacker to execute arbitrary code via the local.driver.ts module.
CVSS Score
9.8
EPSS Score
0.003
Published
2026-03-02
Textream is a free macOS teleprompter app. Prior to version 1.5.1, the `DirectorServer` WebSocket server (`ws://127.0.0.1:<httpPort+1>`) accepts connections from any origin without validating the HTTP `Origin` header during the WebSocket handshake. A malicious web page visited in the same browser session can silently connect to the local WebSocket server and send arbitrary `DirectorCommand` payloads, allowing full remote control of the teleprompter content. Version 1.5.1 fixes the issue.
CVSS Score
7.6
EPSS Score
0.0
Published
2026-03-02