70 matches found
CVE-2023-54127
In the Linux kernel, the following vulnerability has been resolved: fs/jfs: prevent double-free in dbUnmount after failed jfs_remount. Syzkaller reported the following issue: ================================================================== BUG: KASAN: double-free in slab_free mm/slub.c:3787 [inline]...
CVE-2025-40336
No description is available for this CVE...
PT-2025-46602
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel related to the hardware random number generator (hwrng) and the ks-sa driver. A division by zero error occurs in the ks_sa_rng_init function due to an...
CVE-2023-53517
In the Linux kernel, the following vulnerability has been resolved: tipc: do not update mtu if msg_max is too small in mtu negotiation. When doing link mtu negotiation, a malicious peer may send Activate msg with a very small mtu, e.g. 4 in Shuang's testing, without checking for the minimum mtu,...
PT-2025-39168
Name of the Vulnerable Software and Affected Versions: Inka.Net versions prior to 6.7.1. Description: A flaw exists in Inka.Net that allows for command injection through the unrestricted upload of files with dangerous types. This issue could potentially allow an attacker to execute arbitrary command...
PT-2025-38190
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains an issue where the mlx5 driver attempts to collect failure data for general commands not used by mlx5, leading to an array-index-out-of-bounds error. This occur...
CVE-2025-38682
In the Linux kernel, the following vulnerability has been resolved: i2c: core: Fix double-free of fwnode in i2c_unregister_device. Before commit df6d7277e552 "i2c: core: Do not dereference fwnode in struct device", i2c_unregister_device only called fwnode_handle_put on of_node-s in the form of calling...
CVE-2025-8114

| creationtimestamp | type | source |
|---|---|---|
| 2025-07-24 14:32:16+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114908694803642637 |
| 2025-09-19 18:51:31+00:00 | seen | https://gist.github.com/EbonJaeger/2ba8ad95fbe2fa2ac2e44b74f6abfe47 |
| 2025-11-03 06:19:06+00:00 | seen | ... |

CVE-2025-6974

| creationtimestamp | type | source |
|---|---|---|
| 2025-07-15 15:19:19+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114857919005997369 |
| 2025-07-17 03:00:00+00:00 | seen | http://www.zerodayinitiative.com/advisories/ZDI-25-618/... |

CVE-2025-38337
In the Linux kernel, the following vulnerability has been resolved: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata. Since handle->h_transaction may be a NULL pointer, so we should change it to call is_handle_aborted(handle) first before dereferencing it. And the following data-race w...
CVE-2025-20702

| creationtimestamp | type | source |
|---|---|---|
| 2025-06-30 04:18:42+00:00 | published-proof-of-concept | https://t.me/CyberBulletin/3544 |
| 2025-06-30 05:30:34+00:00 | seen | https://bsky.app/profile/shiojiri.com/post/3lsshdtlu522v |
| 2025-06-30 06:34:55+00:00 | seen | ... |

CVE-2025-6500

| creationtimestamp | type | source |
|---|---|---|
| 2025-06-23 02:38:58+00:00 | seen | https://bsky.app/profile/potato.software/post/3lsakilf7xj2l |
| 2025-06-23 02:46:20+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/19175 |
| 2025-06-23 03:00:41+00:00 | published-proof-of-concept | ... |

CVE-2022-47072
SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows attackers to run arbitrary SQL commands via the Find parameter in the Select Classifier dialog box...
CVE-2020-36380
An issue was discovered in the crunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters...
CVE-2025-30322

| creationtimestamp | type | source |
|---|---|---|
| 2025-05-13 18:37:14+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114501971768097313 |
| 2025-05-13 20:48:07+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lp3eae6sgl2o |
| 2025-05-13 21:24:39+00:00 | seen | https://t.me/cvedetector/252... |

CVE-2025-46743

| creationtimestamp | type | source |
|---|---|---|
| 2025-05-12 17:32:41+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114496055573801981 |
| 2025-05-12 18:24:03+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/15939 |
| 2025-05-12 18:26:31+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/15958... |

PT-2025-20333
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A data-race issue has been identified in the Linux kernel related to io_uring. The issue arises when the request owner changes other flag bits, causing KCSAN to complain. The problem...
WordPress WP Twitter Button plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by johska (Patchstack Alliance) in WordPress Plugin WP Twitter Button (versions <= 1.4.1)...
PT-2025-27975
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to an integer underflow that can occur when a device sends a specific input, leading to MMIO write access to an invalid page in the i40e_clear_hw function. This is...
Linux Distros Unpatched Vulnerability : CVE-2024-46722
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix mc_data out-of-bounds read warning. Clear warning that read mc_data[i-1] may...