Linux Distros Unpatched Vulnerability : CVE-2022-3767
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every request, regardless ...
CVE-2025-36729 RACOM M!DGE2 Privilege Escalation via SDK Testing Endpoint
A non-primary administrator user with admin rights to the web interface but without shell access permissions can display configuration of the device including the master admin password. This vulnerability also allows the user to give themselves shell access with the root gid...
PT-2025-44136
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the Linux kernel's NTFS3 subsystem related to integer overflow in the run unpack function. The run unpack function decodes compressed runlist data from MFT attributes,...
Exploit for CVE-2025-8671
CVE-2025-8671 - PoC DoS lighttpd HTTP/2 Author: @abiyeenzo...
Malicious code in seclab-research-depconf-test-2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c4210a0224d23d330894d4d8e0f694f3c81a4fb7b71d5056636aecf98fd9b6f6 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
[SECURITY] Fedora 42 Update: python3.6-3.6.15-49.fc42
Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...
io.airlift:discovery (=324), io.airlift:http-client (=324) +13 more potentially affected by CVE-2025-5115 via org.eclipse.jetty.http2:jetty-http2-common (>=12.1.0.alpha0 <=12.1.0.beta2)
org.eclipse.jetty.http2:jetty-http2-common MAVEN version =12.1.0.alpha0, =12.1.0.alpha2, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.beta2 Source cves: CVE-2025-5115 Source advisory: SNYK:JAVA-ORGECLIPSEJETTYHTTP2-12047664...
Exploit for Improper Input Validation in Tvt Td-2108Ts-Cl_Firmware
CVE-2025-34036 - TVT DVR Simulation This repository contains...
AZL-70460 CVE-2025-38556 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton against conversion to 0 bits. Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quantity to a 0-bit quantity. Ideally this should...
CIA+TA Risk Assessment for AI Reasoning Vulnerabilities
As AI systems increasingly influence critical decisions, they face threats that exploit reasoning mechanisms rather than technical infrastructure. We present a framework for cognitive cybersecurity, a systematic protection of AI reasoning processes from adversarial manipulation. Our contributions...
Security-As-A-Function for IDS/IPS in Softwarized Network and Applications to 5G Network Systems
The service-based architecture of the 5G network allows network operators to place virtualized network functions on commodity hardware, unlike the traditional vendor-specific hardware-based functionalities. However, it expands the security vulnerabilities and threats to the 5G network. While there...
Exploit for CVE-2025-54253
CVE-2025-54253 Adobe AEM OGNL Injection Simulated PoC Lab...
CVE-2025-8989
A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. This issue affects some unknown processing of the file /edit-phlebotomist.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely. The exploit has been...
Reducing False Positives with Active Behavioral Analysis for Cloud Security
Rule-based cloud security posture management (CSPM) solutions are known to produce a lot of false positives based on the limited contextual understanding and dependence on static heuristics testing. This paper introduces a validation-driven methodology that integrates active behavioral testing in...
CVE-2025-8988
A vulnerability has been found in SourceCodester COVID 19 Testing Management System 1.0. This vulnerability affects unknown code of the file /bwdates-report-result.php. The manipulation of the argument fromdate leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2025-8985
A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been...
CVE-2025-38512 wifi: prevent A-MSDU attacks in mesh networks
In the Linux kernel, the following vulnerability has been resolved: wifi: prevent A-MSDU attacks in mesh networks. This patch is a mitigation to prevent the A-MSDU spoofing vulnerability for mesh networks. The initial update to the IEEE 802.11 standard, in response to the FragAttacks, missed this...
CVE-2025-38507
In CVE-2025-38507, the Linux kernel fix addresses HID Nintendo controllers by preventing kernel stalls during bluetooth suspend/resume. The patch adds JOYCON_CTLR_STATE_SUSPENDED in nintendo_hid_suspend to avoid waiting for stalled input reports, and avoids reinitializing bluetooth Joy-Cons in ni...
CVE-2025-8953
A vulnerability was determined in SourceCodester COVID 19 Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /checkavailability.php. The manipulation of the argument employeeid leads to sql injection. The attack may be launched remotely. The exploit ha...
CVE-2025-8926
A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been...