49 matches found
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993054)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993054 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: zfcp: Fix double free of FSF request when qdio send fails. We used to use the wrong type of...
CVE-2025-66553
Summary: Nextcloud Tables prior to 0.8.7 and 0.9.4 allows authenticated users to view column metadata of other tables by altering the numeric ID in a request, causing information disclosure. The issue is fixed in 0.8.7 and 0.9.4. Remediation: upgrade Nextcloud Tables to version 0.8.7 or later, or...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990758)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990758 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: zfcp: Fix double free of FSF request when qdio send fails. We used to use the wrong type of...
EUVD-2025-28904
Malicious code in bioql PyPI...
EUVD-2025-12993
Malicious code in bioql PyPI...
GHSA-V3VJ-5868-2CH2 Rancher CLI SAML authentication is vulnerable to phishing attacks
Impact: A vulnerability has been identified within Rancher Manager whereby the SAML authentication from the Rancher CLI tool is vulnerable to phishing attacks. The custom authentication protocol for SAML-based providers can be abused to steal Rancher’s authentication tokens. Rancher Manager...
PT-2025-39664
Name of the Vulnerable Software and Affected Versions: Rancher Manager versions prior to 2.9.12; Rancher Manager versions prior to 2.10.10; Rancher Manager versions prior to 2.11.6; Rancher Manager versions prior to 2.12.2. Description: Rancher Manager is susceptible to phishing attacks targeting SAML...
CVE-2025-40689
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'remark', 'status' and 'requestid' parameters in the endpoint '/ofrs/admin/request-details.php'...
From CVE Entries to Verifiable Exploits: an Automated Multi-Agent Framework for Reproducing CVEs
High-quality datasets of real-world vulnerabilities and their corresponding verifiable exploits are crucial resources in software security research. Yet such resources remain scarce, as their creation demands intensive manual effort and deep security expertise. In this paper, we present CVE-GENIE...
Linux Distros Unpatched Vulnerability : CVE-2025-38532
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: libwx: properly reset Rx ring descriptor. When device reset is triggered by feature...
CVE-2024-13986 Nagios XI < 2024R1.3.2 Authenticated Arbitrary File Upload Path Traversal RCE
Nagios XI 2024R1.3.2 contains a remote code execution vulnerability by chaining two flaws: an arbitrary file upload and a path traversal in the Core Config Snapshots interface. The issue arises from insufficient validation of file paths and extensions during MIB upload and snapshot rename...
CVE-2019-15592
GitLab 12.2.2 and below contains a security vulnerability that allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline...
CVE-2022-49789
In the Linux kernel, the following vulnerability has been resolved: scsi: zfcp: Fix double free of FSF request when qdio send fails. We used to use the wrong type of integer in 'zfcp_fsf_req_send()' to cache the FSF request ID when sending a new FSF request. This is used in case the sending fails and w...
CVE-2022-49789 scsi: zfcp: Fix double free of FSF request when qdio send fails
In the Linux kernel, the following vulnerability has been resolved: scsi: zfcp: Fix double free of FSF request when qdio send fails. We used to use the wrong type of integer in 'zfcp_fsf_req_send()' to cache the FSF request ID when sending a new FSF request. This is used in case the sending fails and w...
CVE-2022-49789
The CVE-2022-49789 entry documents a Linux kernel issue in the SCSI zfcp path: double free of an FSF request due to caching the FSF request ID in a signed 32-bit int, causing truncation and sign-extension when converting to 64-bit, leading to mismatches in the internal hash table and a stale poin...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a mismatch in the FSF request ID type in the zfcp driver leading to a double free, which could lead to...
Advanced MST3 Encryption Scheme Based on Generalized Suzuki 2-Groups
This article presents a method for enhancing the encryption algorithm in the MST3 cryptosystem for generalized Suzuki 2-groups. The conventional MST cryptosystem based on Suzuki groups utilizes logarithmic signatures LS restricted to the center of the group, resulting in an expansive array of...
CVE-2025-2278
Improper access control in temporary access requests and checkout requests endpoints in Devolutions Server 2024.3.13 and earlier allows an authenticated user to access information about these requests via a known request ID...
Security update for rsync
This update for rsync fixes the following issues: CVE-2024-12084: heap buffer overflow in checksum parsing (bsc1234100); CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass (bsc1234101); CVE-2024-12086: leak of a client machine's file contents through the...
PT-2024-16252 · Code Projects · Code-Projects Blood Bank Management
Name of the Vulnerable Software and Affected Versions: code-projects Blood Bank Management version 1.0 Description: A critical issue affects the processing of the file /file/accept.php, where the manipulation of the reqid argument leads to SQL injection. The attack can be initiated remotely...