MAL-2025-37975 Malicious code in ustack (npm)

The package ustack was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2025-37975

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: riscv: module: Fix out-of-bounds relocation access The current code allows relj to access on...

CVE-2025-37975

creationtimestamp| type| source ---|---|--- 2025-05-20 17:47:10+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17040...

CVE-2025-37975

In the Linux kernel, the following vulnerability has been resolved: riscv: module: Fix out-of-bounds relocation access The current code allows relj to access one element past the end of the relocation section. Simplify to numrelocations which is equivalent to the existing size expression...

CVE-2025-37975

CVE-2025-37975 : Linux kernel riscv module relocation fix for out‑of‑bounds access in relocation handling. The patch replaces the end‑of‑relocation access rel[j] with a bounds‑checked approach using num_relocations, effectively correcting the relocation size calculation. The vulnerability is desc...

CVE-2025-37975 riscv: module: Fix out-of-bounds relocation access

In the Linux kernel, the following vulnerability has been resolved: riscv: module: Fix out-of-bounds relocation access The current code allows relj to access one element past the end of the relocation section. Simplify to numrelocations which is equivalent to the existing size expression...

CVE-2025-37975

In the Linux kernel, the following vulnerability has been resolved: riscv: module: Fix out-of-bounds relocation access The current code allows relj to access one element past the end of the relocation section. Simplify to numrelocations which is equivalent to the existing size expression...

CVE-2025-37975 riscv: module: Fix out-of-bounds relocation access

In the Linux kernel, the following vulnerability has been resolved: riscv: module: Fix out-of-bounds relocation access The current code allows relj to access one element past the end of the relocation section. Simplify to numrelocations which is equivalent to the existing size expression...

CVE-2024-37975

Technical details for CVE-2024-37975 are not provided in the connected documents. The available materials only label it as a Secure Boot bypass without product, vector, impact, or remediation specifics. Monitor for updates for publicly disclosed details.

CVE-2024-37975 Secure Boot Security Feature Bypass Vulnerability

...

CVE-2023-37975

creationtimestamp| type| source ---|---|--- 2023-07-27 18:28:53+00:00| seen| https://t.me/cibsecurity/67328...

CVE-2023-37975

CVE-2023-37975 concerns RadiusTheme Variation Swatches for WooCommerce (WordPress plugin) before 2.3.8. It is an unauthenticated Reflected Cross‑Site Scripting (XSS) vulnerability in versions

CVE-2023-37975 WordPress Variation Swatches for WooCommerce Plugin <= 2.3.7 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in RadiusTheme Variation Swatches for WooCommerce plugin = 2.3.7 versions...

WordPress Variation Swatches for WooCommerce Plugin <= 2.3.7 is vulnerable to Cross Site Scripting (XSS)

Software Variation Swatches for WooCommerce Type Plugin Vulnerable versions = 2.3.7 Fixed in 2.3.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-37975 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 70e0da08f785 Credit...

SUSE CVE-2021-37975

Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Microsoft Windows Multiple Vulnerabilities (KB5018457)

This host is missing an important security update according to Microsoft KB5018457 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

CVE-2022-37975

Windows Group Policy Elevation of Privilege Vulnerability...

CVE-2022-37975 Windows Group Policy Elevation of Privilege Vulnerability

...

CVE-2022-37975

Technical details about CVE-2022-37975 (root cause, affected products/versions, exploit info, or explicit fix) are not provided in the connected documents. Monitor for official updates from Microsoft and CVE advisories for concrete remediation guidance.

CVE-2021-37975

Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...