Lucene search

11 matches found

Vulnrichment
added 2026/05/28 5:00 a.m. · 9 views

CVE-2026-9673

Versions of the package json-2-csv from 3.15.0 and before 5.5.11 are vulnerable to CSV Injection via the preventCsvInjection option which can be bypassed. An attacker can inject formulas into CSV files, which execute when the files are opened in spreadsheet applications...

7 CVSS · 5.9 AI score · 0.00166 EPSS
Exploits 0 · References 4

CVE
added 2026/02/14 4:27 p.m. · 26 views

CVE-2026-23198

CVE-2026-23198 relates to the Linux kernel KVM irqfd handling. The vulnerability arose when deassociating an IRQFD could clobber the irqfd’s copy of the IRQ’s routing entry, causing arch-specific code (e.g., kvm_arch_irq_bypass_del_producer on x86/arm64) to misinterpret routing as MSI. The fix ch...

7.8 CVSS · 5.1 AI score · 0.00124 EPSS
Exploits 0 · References 7 · Affected Software 1

RedhatCVE
added 2025/12/06 5:54 p.m. · 8 views

CVE-2025-2486

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

8.8 CVSS · 6.9 AI score · 0.00256 EPSS
Exploits 0 · References 4

NVD
added 2025/11/27 10:15 a.m. · 5 views

CVE-2025-59025

Malicious e-mail content can be used to execute script code. Unintended actions can be executed in the context of the user's account, including exfiltration of sensitive information. Sanitization has been updated to avoid such bypasses. No publicly available exploits are known...

6.1 CVSS · 0.00161 EPSS
Exploits 0 · References 1

Positive Technologies
added 2025/11/27 12:00 a.m. · 4 views

PT-2025-48257

Malicious e-mail content can be used to execute script code. Unintended actions can be executed in the context of the user's account, including exfiltration of sensitive information. Sanitization has been updated to avoid such bypasses. No publicly available exploits are known...

6.1 CVSS · 7 AI score · 0.00161 EPSS
Exploits 0 · References 2

EUVD
added 2025/10/07 12:30 a.m. · 6 views

EUVD-2020-2147

Malware in sbrugna...

9.1 CVSS · 8.8 AI score · 0.03476 EPSS
Exploits 0 · References 2

Positive Technologies
added 2025/05/07 12:00 a.m. · 3 views

PT-2025-20247 · Cisco · Cisco Ios

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software running on Cisco Catalyst 1000 Switches and Cisco Catalyst 2960L Switches (affected versions not specified). Description: A vulnerability in the access control list (ACL) programming could allow an unauthenticated, remote attack...

4.7 CVSS · 6.3 AI score · 0.00228 EPSS
Exploits 0 · References 5

Cvelist
added 2024/10/21 7:39 p.m. · 27 views

CVE-2024-50063 bpf: Prevent tail call between progs attached to different hooks

In the Linux kernel, the following vulnerability has been resolved: "bpf: Prevent tail call between progs attached to different hooks". bpf progs can be attached to kernel functions, and the attached functions can take different parameters or return different return values. If prog attached to one...

0.00231 EPSS
Exploits 0 · References 4

NVD
added 2024/02/22 12:15 p.m. · 11 views

CVE-2024-1104

An unauthenticated remote attacker can bypass the brute force prevention mechanism and disturb the webservice for all users...

7.5 CVSS · 7.7 AI score · 0.00745 EPSS
Exploits 0 · References 1

Cvelist
added 2023/09/06 1:36 a.m. · 17 views

CVE-2023-32438

This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences...

5.8 AI score · 0.00199 EPSS
Exploits 0 · References 4

Prion
added 2023/06/23 6:15 p.m. · 19 views

Design/Logic Flaw

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to bypass certain Privacy preferences...

1.9 CVSS · 5.1 AI score · 0.00251 EPSS
Exploits 0 · References 1 · Affected Software 2