CVE-2025-1115

A vulnerability classified as problematic was found in RT-Thread up to 5.1.0. Affected by this vulnerability is the function sys_thread_create of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument arg[0] leads to information disclosure. An attack has to be approached locally.

This Cyber News was published on www.tenable.com. Publication date: Sun, 09 Feb 2025 13:11:02 +0000

Cyber News related to CVE-2025-1115

CVE-2025-1115 - A vulnerability classified as problematic was found in RT-Thread up to 5.1.0. Affected by this vulnerability is the function sys_thread_create of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument arg[0] leads to ...
2 days ago Tenable.com

CVE-2025-0977 - Update the openssl crate to version 0.10.70 and the openssl-sys crate to version 0.9.105. ...
4 days ago Tenable.com

Microsoft releases first Windows Server 2025 preview build - Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. This build is the first pushed for the next Windows Server Long-Term Servicing Channel Preview, which ...
1 year ago Bleepingcomputer.com

CVE-2021-1115 - NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs, where an attacker with local unprivileged system access may cause a NULL pointer dereference, which may lead to denial ...
3 years ago

CVE-1999-1115 - Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell (ksh). ...
16 years ago

CVE-2013-1115 - Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via ...
11 years ago

CVE-2002-1115 - Mantis 0.17.4a and earlier allows remote attackers to view private bugs by modifying the f_id bug ID parameter to (1) bug_update_advanced_page.php, (2) bug_update_page.php, (3) view_bug_advanced_page.php, or (4) view_bug_page.php. ...
8 years ago

CVE-2005-1115 - Multiple cross-site scripting (XSS) vulnerabilities in Photo Album 2.0.53 module for phpBB allow remote attackers to inject arbitrary web script or HTML via the bsid parameter to (1) album_cat.php or (2) album_comment.php. ...
8 years ago

CVE-2015-1115 - The Telephony component in Apple iOS before 8.3 allows attackers to bypass a sandbox protection mechanism and access unintended telephone capabilities via a crafted app. ...
8 years ago

CVE-2003-1115 - The Session Initiation Protocol (SIP) implementation in Nortel Networks Succession Communication Server 2000, when using SIP-T, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as ...
7 years ago

CVE-2004-1115 - The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. ...
7 years ago

CVE-2010-1115 - Directory traversal vulnerability in news/include/customize.php in Web Server Creator - Web Portal 0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter. ...
7 years ago

CVE-2008-1115 - Unspecified vulnerability in Sun Solaris 8 directory functions allows local users to cause a denial of service (panic) via an unspecified sequence of system calls or commands. ...
7 years ago

CVE-2000-1115 - Buffer overflow in remote web administration component (webprox.dll) of 602Pro LAN SUITE before 2000.0.1.33 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. ...
7 years ago

CVE-2001-1115 - generate.cgi in SIX-webboard 2.01 and before allows remote attackers to read arbitrary files via a dot dot (..) in the content parameter. ...
7 years ago

CVE-2007-1115 - The child frames in Opera 9 before 9.20 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as ...
6 years ago

CVE-2006-1115 - nCipher HSM before 2.22.6, when generating a Diffie-Hellman public/private key pair without any specified DiscreteLogGroup parameters, chooses random parameters that could allow an attacker to crack the private key in significantly less time than a ...
6 years ago

CVE-2017-1115 - IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: ...
5 years ago

CVE-2012-1115 - A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php. ...
1 year ago

CVE-2016-1115 - Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 mishandles wildcards in name fields of X.509 certificates, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate. ...
4 years ago

CVE-2011-1115 - Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." ...
4 years ago

CVE-2020-1115 - An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'. ...
3 years ago

CVE-2022-1115 - A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially ...
2 years ago

CVE-2018-1115 - postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect ...
2 years ago

CVE-2023-1115 - Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18. ...
1 year ago

Latest Cyber News

CVE-2025-1193 - 14 hours ago
CVE-2024-11621 - 14 hours ago
CVE-2025-1147 - 14 hours ago
CVE-2025-1148 - 14 hours ago
CVE-2024-8684 - 15 hours ago
CVE-2024-8685 - 15 hours ago
CVE-2025-1175 - 15 hours ago
CVE-2025-25247 - 16 hours ago
CVE-2025-1099 - 17 hours ago
CVE-2025-21684 - 1 day ago
CVE-2025-21685 - 1 day ago
CVE-2024-57949 - 1 day ago
CVE-2024-13440 - 1 day ago
CVE-2025-0169 - 2 days ago
CVE-2024-5183 - 2 days ago
CVE-2024-6909 - 2 days ago
CVE-2024-8377 - 2 days ago
CVE-2025-0316 - 2 days ago
CVE-2025-0517 - 2 days ago
CVE-2023-4927 - 2 days ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2025-1099 - 17 hours ago
CVE-2025-25247 - 16 hours ago
CVE-2024-8684 - 15 hours ago
CVE-2024-8685 - 15 hours ago
CVE-2025-1175 - 15 hours ago
CVE-2024-11621 - 14 hours ago
CVE-2025-1147 - 14 hours ago
CVE-2025-1148 - 14 hours ago
CVE-2025-1193 - 14 hours ago
CVE-2025-1115 - 2 days ago
CVE-2025-1116 - 2 days ago
CVE-2024-13850 - 2 days ago
CVE-2025-1117 - 2 days ago
CVE-2024-54176 - 2 days ago
CVE-2023-4927 - 2 days ago
CVE-2024-5183 - 2 days ago
CVE-2024-6909 - 2 days ago
CVE-2024-8377 - 2 days ago
CVE-2025-0316 - 2 days ago
CVE-2025-0517 - 2 days ago