
1594 matches found

Tenable Nessus
added 2025/03/05 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2024-1023

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the Eclipse Vert.x toolkit results in a memory leak due to using Netty FastThreadLocal data structures. Specifically, when the Vert.x HTTP...

6.5 CVSS | 6.8 AI score | 0.00227 EPSS
Exploits 0 | References 1
Tenable Nessus
added 2025/03/04 12:0 a.m. | 12 views

Linux Distros Unpatched Vulnerability : CVE-2019-1010204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU binutils gold gold v1.11-v1.16 GNU binutils v2.21-v2.31.1 is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The...

5.5 CVSS | 6.3 AI score | 0.00147 EPSS
Exploits 0 | References 4
Snyk
added 2025/03/03 7:53 p.m. | 1 view

Open Redirect

Overview codechecker is an analyzer tooling, defect database and viewer extension Affected versions of this package are vulnerable to Open Redirect due to improper sanitization of URL path segments after the product name. An attacker can redirect users to a malicious website by crafting a URL tha...

6.1 CVSS | 6.9 AI score | 0.00124 EPSS
Exploits 0 | References 2
GithubExploit
added 2025/02/25 8:26 a.m. | 575 views

Exploit for CVE-2025-23942

WP Load Gallery Exploit CVE-2025-23942 📌 Description Unr...

9.1 CVSS | 8 AI score | 0.51474 EPSS
Exploits 1
CNNVD
added 2025/02/18 12:0 a.m. | 1 view

NETGEAR DGN2200 Security Vulnerability

The NETGEAR DGN2200 is a wireless router from NETGEAR. The NETGEAR DGN2200 is vulnerable to a privilege issue. An attacker can exploit the vulnerability by adding "?x=1.gif" to the requested URL to be recognized as authenticated...

8.8 CVSS | 6.8 AI score | 0.5027 EPSS
Exploits 1 | References 3
BDU FSTEC
added 2025/02/18 12:0 a.m. | 2 views

The vulnerability of the ethtool component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ethtool component in the Linux operating system’s kernel is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.7 CVSS | 6.5 AI score | 0.00012 EPSS
Exploits 0 | References 42 | Affected Software 7
BDU FSTEC
added 2025/02/18 12:0 a.m. | 1 view

The vulnerability of the Linux operating system’s kernel component, which allows a hacker to cause a service failure

The vulnerability of the kernel component in the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5 CVSS | 6.5 AI score | 0.00007 EPSS
Exploits 0 | References 38 | Affected Software 5
NCSC
added 2025/02/11 7:17 p.m. | 5 views

Vulnerabilities fixed in Microsoft Visual Studio

Microsoft has fixed vulnerabilities in Visual Studio. A malicious person could exploit the vulnerabilities to grant themselves elevated privileges, potentially executing arbitrary code with developer privileges. Successful exploitation requires the malicious party to trick the victim into opening...

9.8 CVSS | 7.7 AI score | 0.00434 EPSS
Exploits 0
CNNVD
added 2025/02/07 12:0 a.m. | 7 views

WordPress plugin Munk Sites Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forge...

9.6 CVSS | 8.7 AI score | 0.01239 EPSS
Exploits 2 | References 1
RedhatCVE
added 2025/02/05 1:30 a.m. | 4 views

CVE-2024-11415

The WP-Orphanage Extended plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing or incorrect nonce validation on the wporphanageexmenusettings function. This makes it possible for unauthenticated attackers to escalate th...

8.8 CVSS | 6.7 AI score | 0.00158 EPSS
Exploits 0 | References 1
Securelist
added 2025/01/31 10:0 a.m. | 8 views

One policy to rule them all

Windows group policies are a powerful management tool that allows administrators to define and control user and computer settings within a domain environment in a centralized manner. While group policies offer functionality and utility, they are unfortunately a prime target for attackers. In...

7 AI score
Exploits 0
RedHat Linux
added 2025/01/28 6:53 p.m. | 3 views

rsync: Info Leak via Uninitialized Stack Contents

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...

7.5 CVSS | 7 AI score | 0.16883 EPSS
Exploits 2 | References 5
BDU FSTEC
added 2025/01/28 12:0 a.m. | 1 view

The vulnerability of the Linux operating system’s kernel, related to improper release of memory before deleting the last reference, allows a hacker to trigger a service failure.

The vulnerability of the Linux operating system’s kernel is related to the improper release of memory before deleting the last reference. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5 CVSS | 6.4 AI score | 0.00012 EPSS
Exploits 0 | References 13 | Affected Software 3
Vulnrichment
added 2025/01/27 1:14 a.m. | 8 views

CVE-2024-28766 IBM Security Directory Integrator information disclosure

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could disclose sensitive information about directory contents that could aid in further attacks against the system...

2.4 CVSS | 3.3 AI score | 0.00094 EPSS
Exploits 0 | References 1
Positive Technologies
added 2025/01/23 12:0 a.m. | 3 views

PT-2025-5646 · Asteval · Asteval

Name of the Vulnerable Software and Affected Versions: asteval affected versions not specified Description: The issue arises from how asteval performs attribute access verification, specifically in the on attribute node handler. This handler prevents access to attributes that are either present i...

8.4 CVSS | 6.8 AI score
Exploits 0 | References 4
BDU FSTEC
added 2025/01/22 12:0 a.m. | 3 views

The vulnerability of the Boost library in the Mercedes-Benz MBUX multimedia system allows an intruder to trigger a service failure.

The vulnerability of the Boost library in the Mercedes-Benz MBUX multimedia system is related to integer overflow when processing values of cid. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5 CVSS | 7.2 AI score | 0.00292 EPSS
Exploits 0 | References 4
CNNVD
added 2025/01/21 12:0 a.m. | 3 views

Oracle MySQL Server Security Vulnerability

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. Oracle MySQL has a security vulnerability in MySQL Server. An attacker can exploit the vulnerability to read a subset of MySQL Server accessible data...

4.3 CVSS | 5.7 AI score | 0.0032 EPSS
Exploits 0 | References 3
CNNVD
added 2025/01/17 12:0 a.m. | 3 views

Google Pixel Code Issue Vulnerability

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. A denial of service vulnerability exists in the Google Android System. An attacker can exploit the vulnerability to launch a denial-of-service attack...

5.5 CVSS | 6.6 AI score | 0.00033 EPSS
Exploits 0 | References 2
OSV
added 2025/01/14 3:15 p.m. | 2 views

CVE-2024-36258

A stack-based buffer overflow vulnerability exists in the touchlistsync.cgi touchlistsync functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send an HTTP request to trigger this vulnerability...

9.8 CVSS | 6.3 AI score | 0.16483 EPSS
Exploits 1 | References 2
Veracode
added 2025/01/14 3:47 a.m. | 12 views

Arbitrary File Write

keras is vulnerable to Arbitrary File Write. The vulnerability is due to improper handling of downloaded tar files in the getfile function. When the function extracts the tar file, it does not properly validate or sanitize the file paths, allowing attackers to write files to arbitrary locations o...

6.5 CVSS | 6.8 AI score | 0.00149 EPSS
Exploits 0 | References 5 | Affected Software 1