Lucene search
K

11465 matches found

CNNVD
CNNVD
added 2025/10/30 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unchecked componentmatchadd function return value that could result in a null pointer dereference...

6.1AI score0.00181EPSS
Exploits0References3
Snyk
Snyk
added 2025/10/29 10:46 p.m.2 views

Malicious Package

Overview add-shopify-header is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/29 10:46 p.m.2 views

Malicious code in add-shopify-header (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b1579017bcad4a58a19270bb608486143fce58d13b9376d146e49b28bcb8e55f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/10/29 12:24 a.m.4 views

SUSE CVE-2025-40066

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Check phy before init mstalink in mt7996macstaaddlinks In order to avoid a possible NULL pointer dereference in mt7996macstainitlink routine, move the phy pointer check before running mt7996macstainitlink in...

5.5CVSS6.4AI score0.0017EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/10/28 10:59 p.m.15 views

CVE-2025-12330

A security flaw has been discovered in Willow CMS up to 1.4.0. This issue affects some unknown processing of the file /admin/articles/add of the component Add Post Page. The manipulation of the argument title/body results in cross site scripting. The attack may be launched remotely. The exploit h...

4.8CVSS3.1AI score0.00246EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/28 10:59 p.m.9 views

CVE-2025-12331

A weakness has been identified in Willow CMS up to 1.4.0. Impacted is an unknown function of the file /admin/images/add. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited...

7.2CVSS4.7AI score0.0035EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/28 10:59 p.m.13 views

CVE-2025-12334

A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/productadd.php. The manipulation of the argument prodname/proddesc/prodcost results in cross site scripting. It is possible to launch the attack remotely. The exploit has been mad...

6.1CVSS3.9AI score0.00356EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/28 10:59 p.m.7 views

CVE-2025-12333

A vulnerability has been found in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/supplieradd.php. The manipulation of the argument suppname/suppaddress leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

6.1CVSS3.8AI score0.00356EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/28 3:59 p.m.3 views

CVE-2025-12291

A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1.0. This affects an unknown part of the file /admin/index.php?addproduct of the component Add Product Page. The manipulation results in unrestricted upload. The attack may be performed from remote...

5.8CVSS6.2AI score0.00276EPSS
Exploits0References1
NVD
NVD
added 2025/10/28 12:15 p.m.3 views

CVE-2025-40066

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Check phy before init mstalink in mt7996macstaaddlinks In order to avoid a possible NULL pointer dereference in mt7996macstainitlink routine, move the phy pointer check before running mt7996macstainitlink in...

0.0017EPSS
Exploits0References2
CVE
CVE
added 2025/10/28 11:48 a.m.12 views

CVE-2025-40066

In the Linux kernel, CVE-2025-40066 affects the mt76/mt7996 Wi‑Fi stack. The vulnerability stems from a potential NULL pointer dereference in mt7996_mac_sta_init_link during mt7996_mac_sta_add_links, triggered if a phy pointer is used before proper validation. The published fix moves the phy poin...

6AI score0.0017EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/28 11:48 a.m.5 views

EUVD-2025-36462

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Check phy before init mstalink in mt7996macstaaddlinks In order to avoid a possible NULL pointer dereference in mt7996macstainitlink routine, move the phy pointer check before running mt7996macstainitlink in...

5.9AI score0.0017EPSS
Exploits0References3
OSV
OSV
added 2025/10/28 11:48 a.m.6 views

CVE-2025-40066 wifi: mt76: mt7996: Check phy before init msta_link in mt7996_mac_sta_add_links()

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Check phy before init mstalink in mt7996macstaaddlinks In order to avoid a possible NULL pointer dereference in mt7996macstainitlink routine, move the phy pointer check before running mt7996macstainitlink in...

6.3AI score0.0017EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/10/28 6:59 a.m.15 views

CVE-2025-12227

A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may b...

5.4CVSS3.3AI score0.00224EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2025/10/28 12:55 a.m.1 views

SUSE CVE-2022-50559

In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platformdeviceadd fails No error handling is performed when platformdeviceadd fails. Add error processing before return, and modified the return value...

5.5CVSS6.6AI score0.00195EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/28 12:31 a.m.5 views

EUVD-2025-36373

A vulnerability has been found in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/supplieradd.php. The manipulation of the argument suppname/suppaddress leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

5.3CVSS3.8AI score0.00356EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/28 12:31 a.m.6 views

EUVD-2025-36375

A weakness has been identified in Willow CMS up to 1.4.0. Impacted is an unknown function of the file /admin/images/add. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited...

5.8CVSS4.6AI score0.0035EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/28 12:31 a.m.6 views

EUVD-2025-36376

A security flaw has been discovered in Willow CMS up to 1.4.0. This issue affects some unknown processing of the file /admin/articles/add of the component Add Post Page. The manipulation of the argument title/body results in cross site scripting. The attack may be launched remotely. The exploit h...

4.8CVSS2.8AI score0.00246EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/10/28 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2025-40066

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Check phy before init mstalink in mt7996macstaaddlinks In order to avoid...

5.9AI score0.0017EPSS
Exploits0References2
NVD
NVD
added 2025/10/27 11:15 p.m.6 views

CVE-2025-12334

A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/productadd.php. The manipulation of the argument prodname/proddesc/prodcost results in cross site scripting. It is possible to launch the attack remotely. The exploit has been mad...

6.1CVSS0.00356EPSS
Exploits1References5
Rows per page
Query Builder