9293 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-38470
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Assuming the rx-vlan- filter feature is enabled on a net device, the 8021q module...
ViT-EnsembleAttack: Augmenting Ensemble Models for Stronger Adversarial Transferability in Vision Transformers
Ensemble-based attacks have been proven to be effective in enhancing adversarial transferability by aggregating the outputs of models with various architectures. However, existing research primarily focuses on refining ensemble weights or optimizing the ensemble path, overlooking the exploration ...
CVE-2025-39510
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ValvePress Pinterest Automatic Pin wp-pinterest-automatic allows SQL Injection.This issue affects Pinterest Automatic Pin: from n/a through 4.19.0...
AUTOVR: Automated UI Exploration for Detecting Sensitive Data Flow Exposures in Virtual Reality Apps
The rise of Virtual Reality VR has provided developers with an unprecedented platform for creating games and applications apps that require distinct inputs, different from those of conventional devices like smartphones. The Meta Quest VR platform, driven by Meta, has democratized VR app publishin...
Trojans Embedded in .svg Files
Porn sites are hiding code in .svg files: Unpacking the attack took work because much of the JavaScript in the .svg images was heavily obscured using a custom version of "JSFuck," a technique that uses only a handful of character types to encode JavaScript into a camouflaged wall of text. Once...
Malicious code in @lbnqduy/automatic-octo-dollop (npm)
The package @lbnqduy/automatic-octo-dollop was found to contain malicious code...
Malicious code in @lbnqduy/automatic-guacamole (npm)
The package @lbnqduy/automatic-guacamole was found to contain malicious code...
Malicious code in @leaffm/automatic-script-test (npm)
The package @leaffm/automatic-script-test was found to contain malicious code...
MAL-2025-8367 Malicious code in @leaffm/automatic-script-test (npm)
The package @leaffm/automatic-script-test was found to contain malicious code...
MAL-2025-8320 Malicious code in @lbnqduy/automatic-octo-dollop (npm)
The package @lbnqduy/automatic-octo-dollop was found to contain malicious code...
MAL-2025-8319 Malicious code in @lbnqduy/automatic-guacamole (npm)
The package @lbnqduy/automatic-guacamole was found to contain malicious code...
CVE-2025-50817
A vulnerability in the Python-Future 1.0.0 module allows for arbitrary code execution via the unintended import of a file named test.py. When the module is loaded, it automatically imports test.py, if present in the same directory or in the sys.path. This behavior can be exploited by an attacker...
CVE-2025-39510
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ValvePress Pinterest Automatic Pin wp-pinterest-automatic allows SQL Injection.This issue affects Pinterest Automatic Pin: from n/a through 4.19.0...
CVE-2025-39510
CVE-2025-39510 affects the WordPress plugin “Pinterest Automatic Pin” (ValvePress). The issue is an SQL Injection due to improper neutralization of inputs in the plugin prior to version 4.19.0. Affected versions are those before 4.19.0 (reported as
CVE-2025-39510 WordPress Pinterest Automatic Pin plugin < 4.19.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ValvePress Pinterest Automatic Pin wp-pinterest-automatic allows SQL Injection.This issue affects Pinterest Automatic Pin: from n/a through 4.19.0...
CVE-2025-39510 WordPress Pinterest Automatic Pin plugin < 4.19.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ValvePress Pinterest Automatic Pin wp-pinterest-automatic allows SQL Injection.This issue affects Pinterest Automatic Pin: from n/a through 4.19.0...
python-future 安全漏洞
python-future is a Python compatible software open source by Python Charmers. A security vulnerability exists in python-future version 1.0.0, which stems from the automatic import of the test.py file and could lead to the execution of arbitrary code...
WordPress plugin Pinterest Automatic Pin SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Pinterest...
PT-2025-33169 · WordPress · Valvepress Pinterest Automatic Pin
Name of the Vulnerable Software and Affected Versions: ValvePress Pinterest Automatic Pin affected versions not specified Description: An improper neutralization of special elements used in an SQL command vulnerability exists in ValvePress Pinterest Automatic Pin. This allows for SQL injection...
CVE-2025-50817
Summary of CVE-2025-50817 : IBM security bulletins describe an arbitrary code execution in Python-Future 1.0.0 via unintended import of a local file named test.py when the module is loaded. The risk relies on an attacker who can write files to the server; Python’s import mechanism loads test.py f...