VAPT-Practice-Labs

🔐 VAPT Practice Labs This repository contains my hands-on Vul...

MINI-JF6M-4F5F-9WHQ

Bulletin has no description...

MINI-P7W3-XR8R-GJC5

Bulletin has no description...

VideoFlow Digital Video Protection 路径遍历漏洞

VideoFlow Digital Video Protection is a broadcast-grade video transmission device developed by VideoFlow Corporation in the United States. Version 2.10 of VideoFlow Digital Video Protection contains a path traversal vulnerability. This vulnerability stems from authenticated directory traversal,...

MINI-X3MX-9FF4-C7H5

Bulletin has no description...

Vulnerability Identification by Harnessing Inter-Connected Multi-Source Information

The utilization of third-party open-source libraries is widespread in modern software development. Due to the dependency relationships, vulnerabilities within open-source libraries pose significant security threats to downstream software. However, the library vulnerabilities are usually implicitl...

CVE-2018-25297

CVE-2018-25297 describes a buffer overflow in Wansview 1.0.2 during camera addition, where oversized input (e.g., 2000-byte payloads in the Camera name and DID number fields) can crash the application. The advisory notes a local attack vector with LOW complexity and HIGH impact on availability. N...

BinExploit-Bench

BinExploit-Bench: Binary Exploitation Capability Benchmark for...

Analysis of Personal Data Exposure in Thailand

In the digital era, personal data, particularly sensitive identifiers such as the Social Security Number and National Identification Number, have become a highly valuable asset, raising significant concerns regarding privacy and security. This study examines the risks associated with the online...

MINI-J5XM-6HHX-JR2Q

Bulletin has no description...

GHSA-XHMJ-RG95-44HV

creationtimestamp| type| source ---|---|--- 2026-04-23 21:26:31+00:00| seen| Telegram/BiTM4VWQdbYmMG43-mv447qo5-YjFbOvUme2BKAYDCNPPw...

MINI-XF8V-83J3-334J

Bulletin has no description...

Roblox clamps down on chats and age checks as legal pressure builds

Roblox has long faced criticism over child safety on its platform. Now it has started settling with state attorneys over the issue, and the total is climbing fast. On April 21, Alabama Attorney General Steve Marshall announced a $12.2 million settlement with the child-focused online gaming...

GHSA-Q94G-3GCF-66X7 uutils coreutils has an Incorrect Authorization issue

The id utility in uutils coreutils miscalculates the groups= section of its output. The implementation uses a user's real GID instead of their effective GID to compute the group list, leading to potentially divergent output compared to GNU coreutils. Because many scripts and automated processes...

PT-2026-34366

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the amdgpu dm component when a sink is connected. The drm edid variable in aconnector is overwritten without freeing the previous allocation, which leads to a...

CVE-2026-34314

...

CVE-2026-34313

CVE-2026-34313 affects Oracle Financial Services Analytical Applications Infrastructure (OFSAAI), Platform component. Affected versions: 8.0.7.9, 8.0.8.7, 8.1.2.5. An attacker with network access via HTTP and low privileges can compromise OFSAAI and gain unauthorized access to critical data or co...

CVE-2026-34303

CVE-2026-34303 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions are MySQL 8.0.0–8.0.45, 8.4.0–8.4.8, and 9.0.0–9.6.0. The vulnerability allows a low-privileged attacker with network access via multiple protocols to cause a hang or a frequently repeatable crash (comple...

CVE-2026-22011

The CVE-2026-22011 entry describes a vulnerability in Oracle Applications DBA (ADPatch) within Oracle E-Business Suite, affecting 12.2.3 through 12.2.15. The vulnerability can be exploited by a network-accessible attacker over HTTP and requires user interaction; it enables takeover of Oracle Appl...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010727)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010727 advisory. The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 Double-Hash...