1041 matches found
CVE-2025-55911
An issue Clip Bucket v.5.5.2 Build90 allows a remote attacker to execute arbitrary codes via the filedownloader.php and the file parameter...
CLSA-2025-1758009294 kernel: Fix of 3 CVEs
posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 - schqfq: make qfqqlennotify idempotent CVE-2025-38177 - schhfsc: make hfscqlennotify idempotent CVE-2025-38177 - schdrr: make drrqlennotify idempotent CVE-2025-38177 - schhtb: make htbqlennotify...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpifetchacpidev return value CVE-2022-50327 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps CVE-2024-49861 In the Linux...
payloadsallthethings
This is an offensive tool for AWS exploitation. The repository contains a collection of tools and scripts for testing the security of Amazon Web Services AWS environments. The tools include: Pacu: an AWS exploitation framework designed for testing the security of AWS environments Bucket Finder: a...
Linux Distros Unpatched Vulnerability : CVE-2025-39677
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: Fix backlog accounting in qdiscdequeueinternal This issue applies for the following qdiscs: hhf, fq, fqcodel, and fqpie, and occurs in their change...
CVE-2025-39677
In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal This issue applies for the following qdiscs: hhf, fq, fqcodel, and fqpie, and occurs in their change handlers when adjusting to the new limit. The problem is the following...
AZL-66986 CVE-2025-39677 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal This issue applies for the following qdiscs: hhf, fq, fqcodel, and fqpie, and occurs in their change handlers when adjusting to the new limit. The problem is the following...
UBUNTU-CVE-2025-39677
In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal This issue applies for the following qdiscs: hhf, fq, fqcodel, and fqpie, and occurs in their change handlers when adjusting to the new limit. The problem is the following...
netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
...
Linux Distros Unpatched Vulnerability : CVE-2025-38637
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netsched: skbprio: Remove overly strict queue assertions In the current implementation,...
Oracle Linux 10 : kernel (ELSA-2025-13598)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-13598 advisory. - wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds - CVE-2025-38159 - Revert 'smb: client: fix TCP timers deadlock after rmmod'...
Malicious code in arc-macro-s3-bucket (npm)
The package arc-macro-s3-bucket was found to contain malicious code...
MAL-2025-14769 Malicious code in arc-macro-s3-bucket (npm)
The package arc-macro-s3-bucket was found to contain malicious code...
CVE-2025-8047
The disable-right-click-powered-by-pixterme through v1.2 and pixter-image-digital-license thtough v1.0 WordPress plugins load a JavaScript file which has been compromised from an apparent abandoned S3 bucket. It can be used as a backdoor by those who control it, but it currently displays an alert...
CVE-2025-8047 Multiple Plugins from itayamar - Supply Chain Compromise
The disable-right-click-powered-by-pixterme through v1.2 and pixter-image-digital-license thtough v1.0 WordPress plugins load a JavaScript file which has been compromised from an apparent abandoned S3 bucket. It can be used as a backdoor by those who control it, but it currently displays an alert...
CVE-2025-8047
CVE-2025-8047 pertains to a supply‑chain compromise affecting WordPress plugins Disable-right-click-powered-by-pixterme (through v1.2) and Pixter-Image-Digital-License (through v1.0). The plugins load a compromised JavaScript file from an abandoned S3 bucket, enabling an attacker‑controlled backd...
CVE-2025-8047 Multiple Plugins from itayamar - Supply Chain Compromise
The disable-right-click-powered-by-pixterme through v1.2 and pixter-image-digital-license thtough v1.0 WordPress plugins load a JavaScript file which has been compromised from an apparent abandoned S3 bucket. It can be used as a backdoor by those who control it, but it currently displays an alert...
PT-2025-33146
Name of the Vulnerable Software and Affected Versions: Disable-right-click-powered-by-pixterme versions through 1.2 pixter-image-digital-license versions through 1.0 Description: The Disable-Right-Click and Pixter Image Digital License WordPress plugins load a compromised JavaScript file from an...
Linux Distros Unpatched Vulnerability : CVE-2018-16846
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices. CVE-2018-16846...
Linux Distros Unpatched Vulnerability : CVE-2020-25636
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible Base when using the awsssm connection plugin as there is no namespace separation for file transfers. Files are written directly to t...