CVE-2025-12137

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.14.16. This is due to the plugin's REST API endpoint accepting arbitrary absolute file paths without proper validation in the...

CVE-2025-60319

PerfreeBlog v4.0.11 is vulnerable to Server-Side Request Forgery due to a missing authorization check in the uploadAttachByUrl API endpoint AttachController.java...

CVE-2025-60319

PerfreeBlog v4.0.11 is vulnerable to Server-Side Request Forgery due to a missing authorization check in the uploadAttachByUrl API endpoint AttachController.java...

PT-2025-44429

Name of the Vulnerable Software and Affected Versions PerfreeBlog version 4.0.11 Description The software contains a Server-Side Request Forgery condition resulting from a missing authorization check. This issue affects the uploadAttachByUrl API endpoint located in the AttachController.java file...

PerfreeBlog 安全漏洞

PerfreeBlog is PerfreeBlog open source, a java-based blog/CMS builder. A security vulnerability exists in PerfreeBlog version 4.0.11, which stems from a lack of authorization checking in the uploadAttachByUrl API endpoint, which could lead to server-side request forgery...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987682)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987682 advisory. In the Linux kernel, the following vulnerability has been resolved: driver core: fix deadlock in deviceattach In deviceattach function, The lock holding logic is as...

iommu/s390: Make attach succeed when the device was surprise removed

...

CVE-2025-39958

In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Make attach succeed when the device was surprise removed When a PCI device is removed with surprise hotplug, there may still be attempts to attach the device to the default domain as part of tear down via...

CVE-2025-39958

In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Make attach succeed when the device was surprise removed When a PCI device is removed with surprise hotplug, there may still be attempts to attach the device to the default domain as part of tear down via...

EUVD-2001-0993

Malware in sbrugna...

EUVD-2010-2056

Malware in sbrugna...

EUVD-2019-5269

Malware in sbrugna...

EUVD-2019-11977

Malware in sbrugna...

EUVD-2018-4504

Malware in sbrugna...

EUVD-2010-2057

Malware in sbrugna...

EUVD-2020-17612

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987154)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987154 advisory. In the Linux kernel, the following vulnerability has been resolved: cgroup: Add missing cpusreadlock to cgroupattachtaskall syzbot is hitting...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-398996)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-398996 advisory. In the Linux kernel, the following vulnerability has been resolved: media: ttpci: fix two memleaks in budgetavattach When saa7146registerdevice and saa7146vvinit...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987004)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987004 advisory. In the Linux kernel, the following vulnerability has been resolved: net: phy: fix null-ptr-deref while probe failed I got a null-ptr-deref report as following when...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986649)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986649 advisory. In the Linux kernel, the following vulnerability has been resolved: driver: base: fix UAF when driverattach failed When driverattachdrv %NASLMINLEVEL 80900 C Tenabl...