684 matches found
CVE-2025-4631

| creationtimestamp | type | source |
|---|---|---|
| 2025-05-31 07:11:57+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqh6zhclzfd2 |
| 2025-05-31 09:17:30+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lqhfzzphrp2p |
| 2025-05-31... | | |

CVE-2025-48488

| creationtimestamp | type | source |
|---|---|---|
| 2025-05-30 08:08:16+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqerkxpu6ut2 |
| 2025-05-30 08:21:59+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lqeshu5ufw2o... |

CVE-2025-44904
hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function...
CVE-2025-31198
CVE-2025-31198 refers to a macOS path-handling issue fixed by improved symlink validation. Affected components are tied to macOS releases: Ventura 13.7.5, Sequoia 15.4, and Sonoma 14.7.5. The issue’s CVSS metrics indicate local attack vector, low attack complexity, no privileges required, user in...
Important: Red Hat Security Advisory: zlib security update
An update for zlib is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
CVE-2025-30087
Best Practical RT Request Tracker 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via injection of crafted parameters in a search URL...
CVE-2025-4493
Improper privilege assignment in PAM JIT privilege sets in Devolutions Server allows a PAM user to perform PAM JIT requests on unauthorized groups by exploiting a user interface issue. This issue affects the following versions: Devolutions Server 2025.1.3.0 through 2025.1.7.0 Devolutions Server...
WordPress MasterStudy LMS Pro plugin <= 4.7.0 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability
Authenticated (Subscriber+) Arbitrary File Upload vulnerability discovered by Foxyyy in WordPress Plugin MasterStudy LMS Pro versions <= 4.7.0...
CVE-2024-56193

| creationtimestamp | type | source |
|---|---|---|
| 2025-05-27 15:49:14+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/17657 |
| 2025-05-27 17:02:24+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq65wel6lt22... |

CVE-2025-40663

| creationtimestamp | type | source |
|---|---|---|
| 2025-05-26 13:47:20+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/17558 |
| 2025-05-26 14:03:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lq3dp567id27 |
| 2025-05-26 15:28:55+00:00 | seen | ... |

CVE-2025-46805
Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing SIGHUP, SIGCONT to be sent to privileged processes when installed setuid-root...
Important: Red Hat Security Advisory: python-tornado security update
An update for python-tornado is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabilit...
Fedora: Security Advisory (FEDORA-2024-05dedb1a53)
The remote host is missing an update for the...
CVE-2025-48753

| creationtimestamp | type | source |
|---|---|---|
| 2025-05-24 02:54:06+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpv5dhfubod2... |

CVE-2024-9160
In versions of the PEADM Forge Module prior to 3.24.0 a security misconfiguration was discovered...
CVE-2024-21723
Inadequate parsing of URLs could result in an open redirect...
CVE-2024-24792
Parsing a corrupt or malicious image with invalid color indices can cause a panic...
CVE-2024-25087
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.7.0 allows local attackers to cause a Windows blue screen error...
CVE-2024-45269
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Carousel image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the...
CVE-2024-11366
The SEO Landing Page Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.66.2. This makes it possible for unauthenticated attackers to inject arbitrary web...