01os (>=0.0.1 <=0.0.13), aeiva (>=0.8.1 <=0.8.2.6) +199 more potentially affected by CVE-2025-0330 via litellm (>=1.0.0 <=1.65.4.post1)

litellm PYPI version =1.0.0, =0.0.1, =0.8.1, =0.14.1a0, =0.1.0, =0.0.5, =1.1.2, =0.0.4, =0.2.0, =0.1.1, =0.5.0, =0.1.0, =1.0.3, =0.2.10, =0.29.0, =0.59.1, =0.62.9 and more Source cves: CVE-2025-0330 Source advisory: SNYK:PYTHON-LITELLM-9511161...

CVE-2025-2550

creationtimestamp| type| source ---|---|--- 2025-03-20 17:18:49+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8241 2025-03-20 19:54:35+00:00| seen| https://t.me/cvedetector/20752 2025-03-20 21:04:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lktlxblte...

CVE-2024-11041

creationtimestamp| type| source ---|---|--- 2025-03-20 11:40:21+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lksmh6j6cs2g...

CVE-2025-27785 Applio allows arbitrary file read in train.py export_index function

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to arbitrary file read in train.py's exportindex function. This issue may lead to reading arbitrary files on the Applio server. It can also be used in conjunction with blind server-side request forgery to read files...

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Important: Red Hat Security Advisory: fence-agents security update

An update for fence-agents is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

CVE-2025-26978

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in fs-code FS Poster fs-poster.This issue affects FS Poster: from n/a through = 6.5.8...

RLSA-2024:9188 Low: bpftrace security update

BPFtrace is a high-level tracing language for Linux enhanced Berkeley Packet Filter eBPF available in recent Linux kernels 4.x. BPFtrace uses LLVM as a backend to compile scripts to BPF-bytecode and makes use of BCC for interacting with the Linux BPF system, as well as existing Linux tracing...

CVE-2024-49561

creationtimestamp| type| source ---|---|--- 2025-03-17 18:31:36+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7811 2025-03-17 18:38:15+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114179224013214264 2025-03-17 21:39:43+00:00| seen| https://t.me/cvedetector/20514 2025-03-17...

CVE-2025-2360

creationtimestamp| type| source ---|---|--- 2025-03-15 22:30:34+00:00| seen| https://infosec.exchange/users/vuldb/statuses/114168812896511888 2025-03-17 04:46:06+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7735 2025-03-17 06:00:34+00:00| seen|...

CVE-2025-29386

creationtimestamp| type| source ---|---|--- 2025-03-14 19:13:06+00:00| seen| https://t.me/cvedetector/20312 2025-03-14 20:46:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkei5x3gt32x...

CVE-2025-25291

ruby-saml provides security assertion markup language SAML single sign-on SSO for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can generate entirely...

aleksis (>=2023.1.0b0 <=2023.6.0b1), aleksis-app-alsijil (>=2.0.0a3 <=2.0c7_0) +9 more potentially affected by CVE-2025-25683 via aleksis-core (>=3.0.0 <=3.0.0b3)

aleksis-core PYPI version =3.0.0, =2023.1.0b0, =2.0.0a3, =1.0.7.dev0, =2.0.0b0, =2.0.0b0, =2.0.0b0, =2.0.0b0, =2.0.0a1, =1.0.0, =2.0.0b0, =2.1.0.dev1 Source cves: CVE-2025-25683 Source advisory: SNYK:PYTHON-ALEKSISCORE-9486554...

CVE-2025-240797

creationtimestamp| type| source ---|---|--- 2025-03-11 17:44:43+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2025-0080...

CVE-2025-24046

Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally...

CVE-2024-13918

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page...

CVE-2024-13868

The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-27796

ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob...

CVE-2025-27510

conda-forge-metadata provides programatic access to conda-forge's metadata. conda-forge-metadata uses an optional dependency - "conda-oci-mirror" which was neither present on the PyPi repository nor registered by any entity. If conda-oci-mirror is taken over by a threat actor, it can result in...

CVE-2025-21826

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject mismatching sum of fieldlen with set key length The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the...