PT-2025-35718

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's netfilter module related to handling duplicate devices during netfilter table updates. Specifically, a chain or flowtable update may proceed with...

adversarial-attacks-white-black-box (=0.1.7), americodraws (>=0.1.0 <=0.1.5) +90 more potentially affected by CVE-2025-25302 via rembg (>=2.0.57 <=2.0.75)

rembg PYPI version =2.0.57, =0.1.0, =0.0.64, =0.3.3, =0.1.0, =0.1.0, =2.0.2, =2.1.49 - damon-devtools =0.9.0 and more Source cves: CVE-2025-25302 Source advisory: SNYK:PYTHON-REMBG-9296365...

Malicious code in pydefender (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a1e2cc2d94eff74e302118c35c34f87e76175fe507facbe21c29883960c8223e setup.py is prepared to download and run an obfuscated batch script. While the script is not detected by any AV currently, in the sandbox analysis it reveals...

ChurchCRM CurrentFundraiser Parameter Blind SQL Injection Vulnerability

ChurchCRM is an open source church management system. ChurchCRM suffers from a blind SQL injection vulnerability that stems from the CurrentFundraiser parameter being directly attached to a SQL query without sufficient cleanup, which can be exploited by an attacker to execute arbitrary SQL querie...

SUSE CVE-2022-49699

In the Linux kernel, the following vulnerability has been resolved: filemap: Handle sibling entries in filemapgetreadbatch If a read races with an invalidation followed by another read, it is possible for a folio to be replaced with a higher-order folio. If that happens, we'll see a sibling entry...

DEBIAN-CVE-2022-49699

In the Linux kernel, the following vulnerability has been resolved: filemap: Handle sibling entries in filemapgetreadbatch If a read races with an invalidation followed by another read, it is possible for a folio to be replaced with a higher-order folio. If that happens, we'll see a sibling entry...

PT-2025-47992

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 7.0.26 MongoDB Server versions prior to 8.0.13 MongoDB Server versions prior to 8.1.2 Description MongoDB Server may encounter an invariant failure during batched delete operations when processing documents. Th...

CVE-2022-21728

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read. There is a check to make sure the value of batchdim does not go over the rank of the input, but there...

CVE-2020-8488

Insufficient protection of the inter-process communication functions in ABB System 800xA Batch Management all published versions enables an attacker authenticated on the local system to inject data, affecting User Interface update during batch execution and/or compare/printing functionalities...

CVE-2024-36138

Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with all possible extensions on Windows via childprocess.spawn / childprocess.spawnSync. A malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option i...

CVE-2024-35783

A vulnerability has been identified in SIMATIC BATCH V9.1 All versions, SIMATIC Information Server 2020 All versions V2020 SP2 Update 5, SIMATIC Information Server 2022 All versions V2022 SP1 Update 2, SIMATIC PCS 7 V9.1 All versions V9.1 SP2 UC06, SIMATIC Process Historian 2020 All versions V202...

SUSE CVE-2025-21677

In the Linux kernel, the following vulnerability has been resolved: pfcp: Destroy device along with udp socket's netns dismantle. pfcpnewlink links the device to a list in devnetdev instead of net, where a udp tunnel socket is created. Even when net is removed, the device stays alive on devnetdev...

UBUNTU-CVE-2025-21677

In the Linux kernel, the following vulnerability has been resolved: pfcp: Destroy device along with udp socket's netns dismantle. pfcpnewlink links the device to a list in devnetdev instead of net, where a udp tunnel socket is created. Even when net is removed, the device stays alive on devnetdev...

CVE-2025-24014

Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode -s -e, Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui...

CVE-2025-24014

Vim (the editor) has a vulnerability CVE-2025-24014 causing a segmentation fault when running in silent batch mode in certain scenarios that trigger the GUI scrolling code path; the fault occurs because ScreenLines may be accessed before allocation. A fix is available in Vim 9.1.1043 and later. M...

PT-2025-5260 · Vim +6 · Vim +6

Name of the Vulnerable Software and Affected Versions: Vim versions prior to 9.1.1043 Description: A segmentation fault was found in Vim. In silent Ex mode -s -e, Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function th...

BIT-NODE-2024-27980

Due to the improper handling of batch files in childprocess.spawn / childprocess.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled...

BIT-NODE-MIN-2024-27980

Due to the improper handling of batch files in childprocess.spawn / childprocess.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled...

CVE-2024-27980

Due to the improper handling of batch files in childprocess.spawn / childprocess.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled...

CVE-2024-27980

Due to the improper handling of batch files in childprocess.spawn / childprocess.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled...