11465 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unchecked componentmatchadd function return value that could result in a null pointer dereference...
Malicious Package
Overview add-shopify-header is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in add-shopify-header (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b1579017bcad4a58a19270bb608486143fce58d13b9376d146e49b28bcb8e55f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SUSE CVE-2025-40066
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Check phy before init mstalink in mt7996macstaaddlinks In order to avoid a possible NULL pointer dereference in mt7996macstainitlink routine, move the phy pointer check before running mt7996macstainitlink in...
CVE-2025-12330
A security flaw has been discovered in Willow CMS up to 1.4.0. This issue affects some unknown processing of the file /admin/articles/add of the component Add Post Page. The manipulation of the argument title/body results in cross site scripting. The attack may be launched remotely. The exploit h...
CVE-2025-12331
A weakness has been identified in Willow CMS up to 1.4.0. Impacted is an unknown function of the file /admin/images/add. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited...
CVE-2025-12334
A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/productadd.php. The manipulation of the argument prodname/proddesc/prodcost results in cross site scripting. It is possible to launch the attack remotely. The exploit has been mad...
CVE-2025-12333
A vulnerability has been found in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/supplieradd.php. The manipulation of the argument suppname/suppaddress leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-12291
A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1.0. This affects an unknown part of the file /admin/index.php?addproduct of the component Add Product Page. The manipulation results in unrestricted upload. The attack may be performed from remote...
CVE-2025-40066
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Check phy before init mstalink in mt7996macstaaddlinks In order to avoid a possible NULL pointer dereference in mt7996macstainitlink routine, move the phy pointer check before running mt7996macstainitlink in...
CVE-2025-40066
In the Linux kernel, CVE-2025-40066 affects the mt76/mt7996 Wi‑Fi stack. The vulnerability stems from a potential NULL pointer dereference in mt7996_mac_sta_init_link during mt7996_mac_sta_add_links, triggered if a phy pointer is used before proper validation. The published fix moves the phy poin...
EUVD-2025-36462
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Check phy before init mstalink in mt7996macstaaddlinks In order to avoid a possible NULL pointer dereference in mt7996macstainitlink routine, move the phy pointer check before running mt7996macstainitlink in...
CVE-2025-40066 wifi: mt76: mt7996: Check phy before init msta_link in mt7996_mac_sta_add_links()
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Check phy before init mstalink in mt7996macstaaddlinks In order to avoid a possible NULL pointer dereference in mt7996macstainitlink routine, move the phy pointer check before running mt7996macstainitlink in...
CVE-2025-12227
A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may b...
SUSE CVE-2022-50559
In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platformdeviceadd fails No error handling is performed when platformdeviceadd fails. Add error processing before return, and modified the return value...
EUVD-2025-36373
A vulnerability has been found in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/supplieradd.php. The manipulation of the argument suppname/suppaddress leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
EUVD-2025-36375
A weakness has been identified in Willow CMS up to 1.4.0. Impacted is an unknown function of the file /admin/images/add. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited...
EUVD-2025-36376
A security flaw has been discovered in Willow CMS up to 1.4.0. This issue affects some unknown processing of the file /admin/articles/add of the component Add Post Page. The manipulation of the argument title/body results in cross site scripting. The attack may be launched remotely. The exploit h...
Linux Distros Unpatched Vulnerability : CVE-2025-40066
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Check phy before init mstalink in mt7996macstaaddlinks In order to avoid...
CVE-2025-12334
A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/productadd.php. The manipulation of the argument prodname/proddesc/prodcost results in cross site scripting. It is possible to launch the attack remotely. The exploit has been mad...