Exploit for Cross-Site Request Forgery (CSRF) in Internet-Formation Wp-Advanced-Search

CVE-2022-47447 POC CSRF - CVE-2022-47447 --- ⚠️ Uso exclu...

ROS-20260126-73-0049

A vulnerability in the drm/amd/pm/smu11 component of the Linux operating system kernel is related to the lack of division by zero check. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Exploit for SQL Injection in Internet-Formation Wp-Advanced-Search

CVE-20...

Moderate: Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes v2.15.1 security update

Red Hat Advanced Cluster Management for Kubernetes 2.15 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. Red Hat Advanced Cluster Management for Kubernetes 2.15 images Red Hat Advanced Cluster Management for Kubernetes provides...

CVE-2025-9290

An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication...

Recommended update for kernel-firmware

This update for kernel-firmware fixes the following issues: Update AMD ucode to 20251203 bsc1256483 Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

WordPress Advanced WooCommerce Product Sales Reporting plugin <= 4.1.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Que Thanh Tuan in WordPress Plugin Advanced WooCommerce Product Sales Reporting versions = 4.1.2...

EUVD-2025-206326

A Cross-Site Scripting XSS vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization. Exploitation requires advanced conditions, such as network positioning or emulating a trusted entity, and user interaction by an authenticated administrator. If...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004923)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004923 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: clear optc underflow before turn off odm clock Why After ODM clock off, optc...

CVE-2025-9290

An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication...

SUSE-SU-2026:0216-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: - Update AMD CPU ucode to 20251203 bsc1256483...

nullsec-exploit

💀 NullSec Exploit Advanced Exploit Development & Payload...

CVE-2025-27378

AES contains a SQL injection vulnerability due to an inactive configuration that prevents the latest SQL parsing logic from being applied. When this configuration is not enabled, crafted input may be improperly handled, allowing attackers to inject and execute arbitrary SQL queries...

CVE-2025-27378 SQL Injection in AES Due to Inactive SQL Parsing Configuration

AES contains a SQL injection vulnerability due to an inactive configuration that prevents the latest SQL parsing logic from being applied. When this configuration is not enabled, crafted input may be improperly handled, allowing attackers to inject and execute arbitrary SQL queries...

kernel: Linux kernel: ALSA: ump buffer overflow via malformed UMP SysEx message

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA Universal MIDI Packet UMP driver. This vulnerability allows a buffer overflow and potential memory corruption via a malformed Universal MIDI Packet UMP System Exclusive SysEx message during MIDI 1.0 to UMP conversion...

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

CVE-2025-14533

The Wordfence disclosure confirms CVE-2025-14533 affects the Advanced Custom Fields: Extended plugin for WordPress (

CVE-2025-14533 Advanced Custom Fields: Extended <= 0.9.2.1 - Unauthenticated Privilege Escalation via Insert User Form Action

The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 0.9.2.1. This is due to the 'insertuser' function not restricting the roles with which a user can register. This makes it possible for unauthenticated attackers to...

CVE-2025-14533 Advanced Custom Fields: Extended <= 0.9.2.1 - Unauthenticated Privilege Escalation via Insert User Form Action

The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 0.9.2.1. This is due to the 'insertuser' function not restricting the roles with which a user can register. This makes it possible for unauthenticated attackers to...

WordPress Advanced Custom Fields: Extended plugin <= 0.9.2.1 - Unauthenticated Privilege Escalation via Insert User Form Action vulnerability

Unauthenticated Privilege Escalation via Insert User Form Action vulnerability discovered by andrea bocchetti in WordPress Plugin Advanced Custom Fields: Extended versions = 0.9.2.1...