2698 matches found
CVE-2025-22029
CVE-2025-22029 is rejected by its CNA and is not an active vulnerability entry.
CVE-2025-32778
Web-Check is an all-in-one OSINT tool for analyzing any website. A command injection vulnerability exists in the screenshot API of the Web Check project Lissy93/web-check. The issue stems from user-controlled input url being passed unsanitized into a shell command using exec, allowing attackers t...
Deserialization of Untrusted Data
Overview: picklescan is a security scanner that detects Python pickle files performing suspicious actions. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in scanner.py, which does not include numpy.testing._private.utils or other modules that can be leveraged for...
GHSA-VQ4P-PCHP-6G6V Apache Camel Missing Header Out Filter Leads to Potential Bypass/Injection Vulnerability
Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...
Remote Code Execution (RCE)
Overview: mcpadapt is a package that adapts MCP servers to many agentic frameworks. Affected versions of this package are vulnerable to Remote Code Execution (RCE) due to unsanitized input in the SmolAgentsAdapter, where untrusted MCP server responses are interpolated into a dynamic Python class via an exec call...
DEBIAN-CVE-2025-21889
In the Linux kernel, the following vulnerability has been resolved: perf/core: Add RCU read lock protection to perf_iterate_ctx(). The perf_iterate_ctx() function performs RCU list traversal but currently lacks RCU read lock protection. This causes lockdep warnings when running perf probe with unshare(1)...
GHSA-2C2H-2855-MF97 Apache Camel: Camel Message Header Injection via Improper Filtering
Bypass/Injection vulnerability in Apache Camel components under particular conditions. This issue affects Apache Camel: from 4.9.0 through <= 4.10.1, from 4.8.0 through <= 4.8.4, from 3.10.0 through <= 3.22.3. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and...
Linux Distros Unpatched Vulnerability : CVE-2024-53087
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix possible exec queue leak in exec IOCTL. In a couple of places after an exec queue...
Linux Distros Unpatched Vulnerability : CVE-2021-47350
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - powerpc/mm: Fix lockup on kernel exec fault. The powerpc kernel is not prepared to handle exec faults from kernel. Especially, the function is_exec_fault() will retu...
SUSE CVE-2022-49446
In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix firmware activation deadlock scenarios. Lockdep reports the following deadlock scenarios for CXL root device power-management, device_prepare(), operations, and device_shutdown() operations for 'nd_region' devices: Chain exis...
CVE-2022-49264
In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty. Quoting[1] Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve(2) be the name of a program, thus prohibiting a scenario...
CVE-2022-25923
Versions of the package exec-local-bin before 1.2.0 are vulnerable to Command Injection via the theProcess functionality due to improper user-input sanitization...
CVE-2020-36167
An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...
CVE-2024-21532
All versions of the package ggit are vulnerable to Command Injection via the fetchTags(branch) API, which allows user input to specify the branch to be fetched and then concatenates this string along with a git command which is then passed to the unsafe exec Node.js child process API...
CVE-2024-33673
An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. Improper access controls allow for DLL Hijacking in the Windows DLL Search path...
CVE-2024-33671
An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. The Backup Exec Deduplication Multi-threaded Streaming Agent can be leveraged to perform arbitrary file deletion on protected files...
Improper Access Control
org.apache.hive:hive-exec is vulnerable to Improper Access Control. The vulnerability is due to insecure file permissions due to the credentials file being created with default permissions of 644 in a temporary directory, allowing unauthorized users to read sensitive information...
ai.chronon:flink_2.12 (>=0.0.62 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91), ai.chronon:online_2.12 (>=0.0.25 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +555 more potentially affected by CVE-2024-29869 via org.apache.hive:hive-exec (>=0.8.0 <=4.0.0)
org.apache.hive:hive-exec MAVEN version =0.8.0, =0.0.62, =0.0.25, =0.0.25, =0.0.86, =0.0.8, =0.0.6, =3.18.0.9, =6.5.0, =1.5.8, =0.2.7, =1.3.3, =1.4.0, =1.0.0, =2.0.0, =3.1.0 and more Source cves: CVE-2024-29869 Source advisory: OSV:GHSA-C476-J253-5RGQ...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes (CVE-2024-38538). In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE)...