EUVD-2023-3246

Malicious code in bioql PyPI...

EUVD-2021-8915

Malicious code in bioql PyPI...

EUVD-2024-45780

Malicious code in bioql PyPI...

Exploit for CVE-2025-22294

CVE-2025-2294 – Local File Inclusion LFI в WordPress-плагине...

exifcleaner

Cross-platform desktop GUI app to clean image metadata...

Exploit for Improper Input Validation in Vmware Vcenter_Server

No description provided...

my_cve

...

Exploit for CVE-2024-3660

CVE-2024-3660 – TensorFlow Keras Arbitrary Code Execution via...

CVE-2025-23325

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause uncontrolled recursion through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service...

CVE-2025-34149

CVE-2025-34149 describes a command injection in the Shenzhen Aitemi M300 Wi‑Fi Repeater (hardware model MT02) during WPA2 configuration. The vulnerable component is the handling of the WPA2 key parameter, which is interpreted by the system shell, allowing an attacker to execute arbitrary commands...

CVE-2025-54799

CVE-2025-54799 affects the Lets Encrypt Go-based client and the lego v4/acme/api package. In 4.25.1 and earlier, the library does not enforce HTTPS when the ACME client communicates with CAs, applying to both the initial discover URL and the URLs returned in directory/order objects. If an HTTP UR...

CVE-2025-54885 Thinbus generates insufficient entropy: 252 bits vs minimum 256 bits

Thinbus Javascript Secure Remote Password is a browser SRP6a implementation for zero-knowledge password authentication. In versions 2.0.0 and below, a protocol compliance bug causes the client to generate a fixed 252 bits of entropy instead of the intended bit length of the safe prime defaulted t...

CVE-2025-23322

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where multiple requests could cause a double free when a stream is cancelled before it is processed. A successful exploit of this vulnerability might lead to denial of service...

CVE-2025-54624

Unexpected injection event vulnerability in the multimodalinput module. Impact: Successful exploitation of this vulnerability may affect availability...

Linux Distros Unpatched Vulnerability : CVE-2023-52978

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - riscv: kprobe: Fixup kernel panic when probing an illegal position The kernel would panic when probed for an illegal position. eg: CONFIGRISCVISAC=n echo 'p:hel...

Linux Distros Unpatched Vulnerability : CVE-2025-30722

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and...

CVE-2025-8504

A vulnerability, which was classified as critical, was found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has...

CVE-2025-23287

NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may access sensitive system-level information. A successful exploit of this vulnerability may lead to Information disclosure...

CVE-2025-54585

GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can exploit the way GitProxy handles new branch creation to bypass the approval of prior commits on the parent branch. The vulnerability impacts all users or organizations...

CVE-2025-53078

Deserialization of Untrusted Data in Samsung DMSData Management Server allows attackers to execute arbitrary code via write file to system...