Lucene search

7375 matches found

Tenable Nessus
added 2025/05/26 12:0 a.m. | 8 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 : GLib vulnerability (USN-7532-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7532-1 advisory. It was discovered that Glib incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash...

CVSS 4.8 | AI score 6.8 | EPSS 0.00742
Exploits: 0 | References: 2

BDU FSTEC
added 2025/05/25 12:0 a.m. | 2 views

A vulnerability in the firmware of Intel Arc A-series Graphics and Intel Arc Pro A-series Graphics, caused by insufficient testing of exception states, allows attackers to trigger service failures.

The vulnerability in the firmware of Intel Arc A-series and Intel Arc Pro A-series graphics processors is related to insufficient testing of exception states. Exploiting this vulnerability can allow attackers to cause system failures...

CVSS 5.6 | AI score 5.5 | EPSS 0.00055
Exploits: 0 | References: 2 | Affected Software: 2

Packet Storm News
added 2025/05/24 12:0 a.m. | 4 views

Mal-D2GAN: Double-Detector Based GAN for Malware Generation

Machine learning (ML) has been developed to detect malware in recent years. Most researchers focused their efforts on improving the detection performance but ignored the robustness of the ML models. In addition, many machine learning algorithms are very vulnerable to intentional attacks. To solve...

AI score 6.9
Exploits: 0

GithubExploit
added 2025/05/23 9:4 p.m. | 268 views

Exploit for Authentication Bypass by Primary Weakness in Crushftp

CVE-2025-31161 - CrushFTP User Creation Authentication Bypass...

CVSS 9.8 | AI score 9.5 | EPSS 0.88937
Exploits: 20

GithubExploit
added 2025/05/23 1:8 p.m. | 819 views

Exploit for CVE-2025-0133

CVE-2025-0133 Reflected XSS Detection Tool Author: Derek...

CVSS 6.9 | AI score 5.3 | EPSS 0.02005
Exploits: 7

RedhatCVE
added 2025/05/23 10:20 a.m. | 4 views

CVE-2024-32467

MeterSphere is an open source continuous testing platform. Prior to version 2.10.14-lts, members without space permissions can view member information from other workspaces beyond their authority. Version 2.10.14-lts fixes this issue...

CVSS 6.5 | AI score 6.6 | EPSS 0.0007
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 9:7 a.m. | 3 views

CVE-2024-6727

A flaw in versions of Delphix Data Control Tower (DCT) prior to 19.0.0 results in broken authentication through the enable-scale-testing functionality of the application...

CVSS 5.4 | AI score 6.8 | EPSS 0.00109
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 8:52 a.m. | 6 views

CVE-2024-37161

MeterSphere is an open source continuous testing platform. Prior to version 1.10.1-lts, the system's step editor stores cross-site scripting vulnerabilities. Version 1.10.1-lts fixes this issue...

CVSS 4 | AI score 6.3 | EPSS 0.00441
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 8:18 a.m. | 5 views

CVE-2024-10515

In the process of testing the SEO Plugin by Squirrly SEO WordPress plugin before 12.3.21, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malicious script, which entails account takeover backdoor...

CVSS 3.5 | AI score 5.7 | EPSS 0.0015
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 7:41 a.m. | 5 views

CVE-2024-55652

PenDoc is a penetration testing reporting application. Prior to commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, an attacker can write a malicious docx template containing expressions that escape the JavaScript sandbox to execute arbitrary code on the system. An attacker who can control the...

CVSS 6.5 | AI score 7.7 | EPSS 0.00141
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 7:41 a.m. | 6 views

CVE-2024-55268

A Reflected Cross Site Scripting (XSS) vulnerability was found in /covidtms/registered-user-testing.php in PHPGurukul COVID 19 Testing Management System 1.0 which allows remote attackers to execute arbitrary code via the regmobilenumber parameter...

CVSS 6.1 | AI score 6.1 | EPSS 0.00246
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 7:14 a.m. | 11 views

CVE-2024-53635

A Reflected Cross Site Scripting (XSS) vulnerability was found in /covid-tms/patient-search-report.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the searchdata POST request parameter...

CVSS 4.8 | AI score 5.2 | EPSS 0.00101
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 7:14 a.m. | 6 views

CVE-2024-53604

A SQL Injection vulnerability was found in /covid-tms/checkavailability.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the mobnumber POST request parameter...

CVSS 9.8 | AI score 9.9 | EPSS 0.01017
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 6:45 a.m. | 6 views

CVE-2024-53603

A SQL Injection vulnerability was found in /covid-tms/password-recovery.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter...

CVSS 7.3 | AI score 7.8 | EPSS 0.00154
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 4:18 a.m. | 3 views

CVE-2023-41946

A cross-site request forgery (CSRF) vulnerability in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers to connect to Frugal Testing using attacker-specified credentials, and to retrieve test IDs and names from Frugal Testing, if a valid credential corresponds to the attacker-specified...

CVSS 3.5 | AI score 6.7 | EPSS 0.00086
Exploits: 0

RedhatCVE
added 2025/05/23 4:18 a.m. | 5 views

CVE-2023-41947

A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials...

CVSS 4.3 | AI score 6.6 | EPSS 0.00088
Exploits: 0

RedhatCVE
added 2025/05/23 4:8 a.m. | 5 views

CVE-2023-38494

MeterSphere is an open-source continuous testing platform. Prior to version 2.10.4 LTS, some interfaces of the Cloud version of MeterSphere do not have configuration permissions, and are sensitively leaked by attackers. Version 2.10.4 LTS contains a patch for this issue...

CVSS 7.5 | AI score 6.8 | EPSS 0.00075
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 3:59 a.m. | 5 views

CVE-2023-46583

Cross-Site Scripting (XSS) vulnerability in PHPGurukul Nipah virus (NiV) - Testing Management System v.1.0 allows attackers to execute arbitrary code via a crafted payload injected into the State field...

CVSS 6.1 | AI score 6.1 | EPSS 0.00186
Exploits: 1

RedhatCVE
added 2025/05/23 3:59 a.m. | 4 views

CVE-2023-46584

SQL Injection vulnerability in PHPGurukul Nipah virus (NiV) - Testing Management System v.1.0 allows a remote attacker to escalate privileges via a crafted request to the new-user-testing.php endpoint...

CVSS 9.8 | AI score 8.3 | EPSS 0.00763
Exploits: 1

RedhatCVE
added 2025/05/23 3:37 a.m. | 6 views

CVE-2023-28671

A cross-site request forgery (CSRF) vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

CVSS 4.3 | AI score 6.6 | EPSS 0.00091
Exploits: 0 | References: 1