EUVD-2022-28535

Malicious code in bioql PyPI...

EUVD-2025-25247

Malicious code in bioql PyPI...

A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246 is the identifier assigned to this vulnerability. NOTE: The real existence of this vulnerability is still doubted at the moment. The inputs that induce this vulnerability are basically addresses of the running application that is built with gmon enabled. It's basically trusted input or input that needs an actual security flaw to be compromised or controlled.

...

PT-2025-35409

Name of the Vulnerable Software and Affected Versions: givanz Vvveb version 1.0.7.2 Description: A security vulnerability exists in givanz Vvveb 1.0.7.2, affecting an unknown part of the app/template/user/login.tpl file. Manipulation of the Email/Password argument can lead to cross-site scripting...

Linux Distros Unpatched Vulnerability : CVE-2025-9157

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untruncpacket of the file src/tcpedit/editpacket.c o...

Linux Distros Unpatched Vulnerability : CVE-2023-1452

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been declared as critical. Affected by this vulnerability is an unknown functionality ...

CVE-2025-9405

A security flaw has been discovered in Open5GS up to 2.7.5. The impacted element is the function gmmstateexception of the file src/amf/gmm-sm.c. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit has been released to the public and may be...

CVE-2025-9405 Open5GS gmm-sm.c gmm_state_exception assertion

A security flaw has been discovered in Open5GS up to 2.7.5. The impacted element is the function gmmstateexception of the file src/amf/gmm-sm.c. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit has been released to the public and may be...

CVE-2025-9397

A weakness has been identified in givanz Vvveb up to 1.0.7.2. Affected is an unknown function of the file /system/traits/media.php. Executing manipulation of the argument files can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public...

CVE-2025-9397 givanz Vvveb media.php unrestricted upload

A weakness has been identified in givanz Vvveb up to 1.0.7.2. Affected is an unknown function of the file /system/traits/media.php. Executing manipulation of the argument files can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public...

PT-2025-34575 · Unknown · Givanz Vvveb

Name of the Vulnerable Software and Affected Versions: givanz Vvveb versions up to 1.0.7.2 Description: A weakness exists in givanz Vvveb that allows for unrestricted file upload. The issue is located in an unknown function within the /system/traits/media.php file. Manipulation of the files...

SUSE CVE-2025-9300

A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixeldebugprintpalette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local position. The exploit...

CVE-2025-9301

CVE-2025-9301 affects cmake 4.1.20250725-gb5cce23. The issue is in cmForEachFunctionBlocker::ReplayItems (cmForEachCommand.cxx), allowing a locally launched attacker to trigger a reachable assertion. A public exploit has been disclosed. Patch: 37e27f71bc356d880c908040cd0cb68fa2c371b8. Affected ad...

CVE-2025-9300

CVE-2025-9300 affects libsixel (saitoha/libsixel) up to 1.10.3. The vuln targets the function sixel_debug_print_palette in src/encoder.c (img2sixel) and causes a stack-based buffer overflow. Successful exploitation requires local access; public exploit is available. The patch is identified by com...

SUSE CVE-2025-9157

A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untruncpacket of the file src/tcpedit/editpacket.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The...

CVE-2025-9157

A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untruncpacket of the file src/tcpedit/editpacket.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The...

CVE-2025-9157

A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untruncpacket of the file src/tcpedit/editpacket.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The...

CVE-2025-9157 appneta tcpreplay tcprewrite edit_packet.c untrunc_packet use after free

A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untruncpacket of the file src/tcpedit/editpacket.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The...

CVE-2025-9157 appneta tcpreplay tcprewrite edit_packet.c untrunc_packet use after free

A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untruncpacket of the file src/tcpedit/editpacket.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The...

CVE-2025-9020

Summary: CVE-2025-9020 affects PX4 PX4-Autopilot up to 1.15.4. The issue resides in MavlinkReceiver::handle_message_serial_control within mavlink_receiver.cpp of the Mavlink Shell Closing Handler. The argument _mavlink_shell is manipulated, causing a use-after-free condition. Local access is requ...