Complete Evasion, Zero Modification: PDF Attacks on AI Text Detection

AI-generated text detectors have become essential tools for maintaining content authenticity, yet their robustness against evasion attacks remains questionable. We present PDFuzz, a novel attack that exploits the discrepancy between visual text layout and extraction order in PDF documents. Our...

Cross-site Scripting (XSS)

Overview microweber/microweber is a new generation CMS with drag and drop. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the layout parameter on the /admin/page/create page. An attacker can execute arbitrary JavaScript in the context of authenticated admin users...

Microweber has Reflected XSS Vulnerability in the layout Parameter

Reflected Cross-Site Scripting XSS in Microweber CMS 2.0 via the layout parameter on the /admin/page/create page allows arbitrary JavaScript execution in the context of authenticated admin users...

CVE-2025-51502

Reflected Cross-Site Scripting XSS in Microweber CMS 2.0 via the layout parameter on the /admin/page/create page allows arbitrary JavaScript execution in the context of authenticated admin users...

Microweber CMS 安全漏洞

Microweber CMS is a drag-and-drop website builder from Microweber Open Source. A security vulnerability exists in Microweber CMS version 2.0, which stems from reflected cross-site scripting in the layout parameter in the /admin/page/create page, which could lead to arbitrary JavaScript execution...

SUSE CVE-2025-38393

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fix a race to wake on NFSLAYOUTDRAIN We found a few different systems hung up in writeback waiting on the same page lock, and one task waiting on the NFSLAYOUTDRAIN bit in pnfsupdatelayout, however the pnfslayouthdr's...

CVE-2025-38475

In the Linux kernel, the following vulnerability has been resolved: smc: Fix various oops due to inetsock type confusion. syzbot reported weird splats 01 in cipsov4socksetattr while freeing inetsksk-inetopt. The address was freed multiple times even though it was read-only memory...

kernel: NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fix a race to wake on NFSLAYOUTDRAIN We found a few different systems hung up in writeback waiting on the same page lock, and one task waiting on the NFSLAYOUTDRAIN bit in pnfsupdatelayout, however the pnfslayouthdr's...

Exploit for Use After Free in Linux Linux_Kernel

This repository contains various kernel exploits for Linux systems. The exploits target different vulnerabilities in the Linux kernel, including: 1. CVE-2016-8655: A Linux AFPACKET race condition exploit that includes KASLR and SMEP bypasses. 2. CVE-2016-9793: A Linux SOSND|RCVBUFFORCE CAPNETADMI...

CVE-2025-38393

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fix a race to wake on NFSLAYOUTDRAIN We found a few different systems hung up in writeback waiting on the same page lock, and one task waiting on the NFSLAYOUTDRAIN bit in pnfsupdatelayout, however the pnfslayouthdr's...

AZL-65717 CVE-2025-38393 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fix a race to wake on NFSLAYOUTDRAIN We found a few different systems hung up in writeback waiting on the same page lock, and one task waiting on the NFSLAYOUTDRAIN bit in pnfsupdatelayout, however the pnfslayouthdr's...

DEBIAN-CVE-2025-38393

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fix a race to wake on NFSLAYOUTDRAIN We found a few different systems hung up in writeback waiting on the same page lock, and one task waiting on the NFSLAYOUTDRAIN bit in pnfsupdatelayout, however the pnfslayouthdr's...

AZL-73010 CVE-2025-38393 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fix a race to wake on NFSLAYOUTDRAIN We found a few different systems hung up in writeback waiting on the same page lock, and one task waiting on the NFSLAYOUTDRAIN bit in pnfsupdatelayout, however the pnfslayouthdr's...

CVE-2025-31700

A vulnerability has been found in Dahua products. Attackers could exploit a buffer overflow vulnerability by sending specially crafted malicious packets, potentially causing service disruption e.g., crashes or remote code execution RCE. Some devices may have deployed protection mechanisms such as...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a race condition in NFSLAYOUTDRAIN that could lead to a hang...

CVE-2025-31701

A vulnerability has been found in Dahua products. Attackers could exploit a buffer overflow vulnerability by sending specially crafted malicious packets, potentially causing service disruption e.g., crashes or remote code execution RCE. Some devices may have deployed protection mechanisms such as...

CVE-2025-31701

CVE-2025-31701 affects Dahua security cameras. It is described as a buffer overflow in the RPC file upload handler that can be triggered by specially crafted packets, potentially causing DoS or remote code execution. Some devices reportedly deploy ASLR, which may reduce exploitability, but DoS re...

PT-2025-30545

Name of the Vulnerable Software and Affected Versions Dahua products affected versions not specified Description A buffer overflow vulnerability exists in Dahua products. Attackers can exploit this issue by sending specially crafted malicious packets, potentially leading to service disruption, su...

Logpoint 安全漏洞

Logpoint is a network security application from the Danish company Logpoint. A security vulnerability exists in Logpoint versions prior to 7.6.0 that stems from a path traversal vulnerability when creating layout templates, which could lead to remote code execution...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to a countable loss of significance, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to a countable amount of significance loss. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially created malicious file...