224 matches found
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: Fixed the issue with clearing the interrupt status in the alidrwpmu driver. The alibabauncorepmu driver forgot to clear all interrupt statuses during interrupt processing. After the PMU counter overflow interrupt...
WordPress Taboola Pixel plugin <= 1.1.4 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Ali Osman ERBAS 0110m4n in WordPress Plugin Taboola Pixel versions = 1.1.4...
WordPress ExactMetrics plugin 7.1.0-9.0.2 - Authenticated (Custom) Improper Privilege Management to Role Privilege Escalation via Settings Update vulnerability
Authenticated Custom Improper Privilege Management to Role Privilege Escalation via Settings Update vulnerability discovered by Ali Sünbül in WordPress Plugin ExactMetrics versions 7.1.0-9.0.2...
WordPress Gutenberg Blocks with AI by Kadence WP plugin <= 3.6.1 - Authenticated (Contributor+) Server-Side Request Forgery via 'endpoint' Parameter vulnerability
Authenticated Contributor+ Server-Side Request Forgery via 'endpoint' Parameter vulnerability discovered by Ali Sünbül in WordPress Plugin Gutenberg Blocks by Kadence Blocks versions = 3.6.1...
WordPress Gutenberg Blocks with AI by Kadence WP plugin <= 3.6.1 - Missing Authorization to Authenticated (Contributor+) Unauthorized Media Upload vulnerability
Missing Authorization to Authenticated Contributor+ Unauthorized Media Upload vulnerability discovered by Ali Sünbül in WordPress Plugin Gutenberg Blocks by Kadence Blocks versions = 3.6.1...
trends-widget Cross-Site Scripting Vulnerability
Trends-Widget is a plugin developed by Zain Ali, a personal developer for MyBB. Version 1.2 of Trends-Widget contains a cross-site scripting vulnerability. This vulnerability stems from insufficient input validation for thread titles, which may lead to cross-site scripting attacks...
CVE-2026-1140
A vulnerability was found in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/ConfigExceptAli. The manipulation results in buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacte...
CVE-2023-45642
Cross-Site Request Forgery CSRF vulnerability in Hassan Ali Snap Pixel plugin = 1.5.7 versions...
Malicious code in poliaoz-ali-avuku (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d9840d8a1fcd364e2090a3d6dc06a36da790ebfc11b89cc02b3b1e72ec38f0f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-184850 Malicious code in poliaoz-ali-avuku (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d9840d8a1fcd364e2090a3d6dc06a36da790ebfc11b89cc02b3b1e72ec38f0f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in poliaoz-ali-avanuku (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90dfe94e6fb80b17413cee1e1877b79e62220e9a55228cd56b5957c8c62f7c22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-184845 Malicious code in poliaoz-ali-ava0nu0ku (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector daf0d1ee6455358f77f62a89beee65196d91078a3aad2ecb3a73fceed4e957d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in piluka-ali-ipib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 875dba20a73593d47125520371c1dc48981c365160c0a5a4dbfa5e8a179514bb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in piluka-ali-bicupaibai (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c622771ca8b3a9918771f607ff318ea9b11bc54ee8d57921958a4718cf1bc4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-164223 Malicious code in piluka-ali-icpaibai (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44c8789cf43a0e6d7ec379a93fba647919050dd0c722c99087978aa03f9fd237 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-164228 Malicious code in piluka-ali-ipibi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97cef7ced91e81cd99e5d0a15d0d7caa4745f6e1b546fbecee52fba5c15760f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in poli-aki-ali (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 494b6c565568a18bbb549c4cdb922ea390e83f564c59c8c5e9becb4a116e16a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
USN-7862-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15 vulnerability
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
EUVD-2014-6675
Malware in sbrugna...
EUVD-2022-45943
Malicious code in bioql PyPI...