EUVD-2025-209738

Netgate pfSense CE 2.7.2 allows code execution by using the module installer with a backup file with a serialized PHP object containing the postrebootcommands property. NOTE: the Supplier disputes this because this installer is only available to admins and they are intentionally allowed to execut...

Security update for nginx

This update for nginx fixes the following issues: CVE-2026-1642: plain text data injection into the response from an upstream proxied server via MITM attack bsc1257675. CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. CVE-2026-27784: NGINX...

CVE-2026-43284

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

Exploit for Write-what-where Condition in Linux Linux_Kernel

Dirty Frag mitigation script This script: 1. Block...

CVE-2025-69690

Netgate pfSense CE 2.7.2 allows code execution by using the module installer with a backup file with a serialized PHP object containing the postrebootcommands property. NOTE: the Supplier disputes this because this installer is only available to admins and they are intentionally allowed to execut...

CVE-2025-67887

1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privilege...

CVE-2025-67886

Bitrix24 through 25.100.300 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privileged...

dirtyfrag-check

dirtyfrag-check A safe, read-only Python script to detect whe...

CVE-2025-69690

Netgate pfSense Community Edition 2.7.2 and 2.8.0 are affected by two authenticated RCE paths. First, unsafe deserialization in the module installer/backups allows a crafted backup XML containing a serialized PHP object with the post_reboot_commands property to execute commands with root privileg...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the possibility of a null pointer derefrence error occurring when the ftrace module is killed and...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the sched/mmcid module assigning CIDs during the fork process when new tasks are not yet visible...

Linux Distros Unpatched Vulnerability : CVE-2013-10075

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile...

PT-2026-39070

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A crash can occur in the Linux kernel when removing or inserting modules that contain kprobe probes after ftrace has been killed due to errors. This happens because kprobes on ftrace do...

VIM Plugin Persistence

This Metasploit module creates a VIM Plugin which executes a payload on VIM startup...

Linux Distros Unpatched Vulnerability : CVE-2026-43295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to...

PT-2026-38935

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the wave5 driver when operating in polling mode. The driver uses an hrtimer to periodically trigger the wave5 vpu timer callback function, which queues work vi...

CVE-2025-69690

Netgate pfSense CE 2.7.2 allows code execution by using the module installer with a backup file with a serialized PHP object containing the postrebootcommands property. NOTE: the Supplier disputes this because this installer is only available to admins and they are intentionally allowed to execut...

CVE-2025-69690

Netgate pfSense CE 2.7.2 allows code execution by using the module installer with a backup file with a serialized PHP object containing the postrebootcommands property. NOTE: the Supplier disputes this because this installer is only available to admins and they are intentionally allowed to execut...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an issue with TOCTOU function calls in the rustbinder module. This vulnerability could allow the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that when the dm-raid module is used to stop an RAID array, the metadata devices become...