684 matches found
CVE-2025-22104
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Use kernel helpers for hex dumps. Previously, when the driver was printing hex dumps, the buffer was cast to an 8 byte long and printed using string formatters. If the buffer size was not a multiple of 8 then a read buffe...
CVE-2025-30735
...
CVE-2025-3608
creationtimestamp| type| source
---|---|---
2025-04-15 14:11:22+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114342381621851193
2025-04-15 16:38:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmujatd6mw2h
2025-04-15 17:26:39+00:00| seen| https://t.me/cvedetector/229...
CVE-2024-10087
creationtimestamp| type| source
---|---|---
2025-04-14 12:33:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmrl33oaw62l
2025-04-14 12:54:18+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11600
2025-04-14 12:54:20+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11602...
CVE-2025-32908
A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS). Mitigation: Currently, no mitigation was found for this vulnerability...
CVE-2025-2814
Crypt::CBC versions between 1.21 and 3.05 for Perl may use the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. This issue affects operating systems where "/dev/urandom" is unavailable. In that case, Crypt::CBC will fall back to u...
CVE-2025-32654
creationtimestamp| type| source
---|---|---
2025-04-11 08:50:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11394
2025-04-11 11:37:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmjwkt3lzz24
2025-04-11 11:48:43+00:00| seen|...
CVE-2025-32656
creationtimestamp| type| source
---|---|---
2025-04-11 08:50:17+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11393
2025-04-11 11:37:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmjwksqqb22q
2025-04-11 11:48:44+00:00| seen|...
CVE-2025-32260 WordPress DethemeKit For Elementor plugin <= 2.1.10 - Broken Access Control vulnerability
Missing Authorization vulnerability in Detheme DethemeKit For Elementor. This issue affects DethemeKit For Elementor: from n/a through 2.1.10...
CVE-2025-20940
Improper handling of insufficient permission in Samsung Device Health Manager Service prior to SMR Apr-2025 Release 1 allows local attackers to access provider in SDMHS...
CVE-2025-22009
In the Linux kernel, the following vulnerability has been resolved: regulator: dummy: force synchronous probing. Sometimes I get a NULL pointer dereference at boot time in kobject_get() with the following call stack: anatop_regulator_probe() devm_regulator_register() regulator_register() regulator_resolve_supply()...
UNA CMS 14.0.0-RC4 PHP Object Injection
UNA CMS versions 14.0.0-RC4 and below suffer from a PHP object injection vulnerability in BxBaseMenuSetAclLevel.php. UNA CMS <= 14.0.0-RC4 (BxBaseMenuSetAclLevel.php) PHP Object Injection Vulnerability...
CVE-2025-28413
An issue in RuoYi v.4.8.0 allows a remote attacker to escalate privileges via the SysDictTypeController component...
CVE-2025-3348
creationtimestamp| type| source
---|---|---
2025-04-07 10:45:20+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10693
2025-04-07 15:07:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmaafjhd6w2c
2025-04-07 15:23:30+00:00| seen|...
CVE-2025-31480
aiven-extras is a PostgreSQL extension. This is a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the aiven-extras package. The vulnerability leverages the format function not being schema-prefixed. Affected users should install 1.1.16 and...
CVE-2025-32051
creationtimestamp| type| source
---|---|---
2025-04-03 15:07:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3llw6jwqtaw2x
2025-04-03 17:44:32+00:00| seen| https://t.me/cvedetector/21979
2025-05-01 02:13:59+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14213...
Important: Red Hat Security Advisory: python-jinja2 security update
An update for python-jinja2 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this updat...
CVE-2025-2055
CVE-2025-2055 concerns the WordPress plugin MapPress Maps for WordPress. Connected sources confirm the vulnerability is a stored Cross-Site Scripting (XSS) issue in MapPress Maps for WordPress prior to version 2.94.9, caused by insufficient sanitisation/escaping of certain parameters when output ...
CVE-2025-22000
In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: drop beyond-EOF folios with the right number of refs. When an after-split folio is large and needs to be dropped due to EOF, folio_put_refs(folio, folio_nr_pages(folio)) should be used to drop all page cache refs. Otherwise...
CVE-2025-21954
In the Linux kernel, the following vulnerability has been resolved: netmem: prevent TX of unreadable skbs. Currently on stable trees we have support for netmem/devmem RX but not TX. It is not safe to forward/redirect an RX unreadable netmem packet into the device's TX path, as the device may call...