CVE-2025-30874

Missing Authorization vulnerability in Jose Mortellaro Specific Content For Mobile specific-content-for-mobile allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Specific Content For Mobile: from n/a through = 0.5.3...

PT-2025-20502

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved by adding a check for the plane value in the dispc ovl setup function. The function is not intended to work with the value OMAP DSS ...

Creating a Windows Application Using Visual Studio Code, Cline, OpenRouter, and Claude

I just created a Windows 10/11 application that takes square screen captures. I did zero coding myself but used Visual Studio Code, Cline, OpenRouter, and Claude. I got the idea by watching a video on so-called Vibe programming by a YouTuber named Memory. I have zero Windows programming experienc...

Alleged Israeli LockBit Developer Rostislav Panev Extradited to U.S. for Cybercrime Charges

A 51-year-old dual Russian and Israeli national who is alleged to be a developer of the LockBit ransomware group has been extradited to the United States, nearly three months after he was formally charged in connection with the e-crime scheme. Rostislav Panev was previously arrested in Israel in...

i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock

...

net: af_can: do not leave a dangling sk pointer in can_create()

...

netrom: check buffer length before accessing it

...

CVE-2025-27416

Scratch-Coding-Hut.github.io is the website for Coding Hut. The website as of 28 February 2025 contained a sign in with scratch username and password form. Any user who used the sign in page would be susceptible to any other user signing into their account. As of time of publication, a fix is not...

CVE-2025-27416 Asking For Scratch Username And Password

Scratch-Coding-Hut.github.io is the website for Coding Hut. The website as of 28 February 2025 contained a sign in with scratch username and password form. Any user who used the sign in page would be susceptible to any other user signing into their account. As of time of publication, a fix is not...

CVE-2025-27416

CVE-2025-27416 affects the Scratch-Coding-Hut.github.io sign-in page. The vulnerability described states that the sign-in form allows a user to sign into another user’s account, implying an account-authentication/authorization issue on the website. As published, there is no available fix and a fi...

CVE-2025-27416 Asking For Scratch Username And Password

Scratch-Coding-Hut.github.io is the website for Coding Hut. The website as of 28 February 2025 contained a sign in with scratch username and password form. Any user who used the sign in page would be susceptible to any other user signing into their account. As of time of publication, a fix is not...

Scratch Coding Hut 授权问题漏洞

Scratch Coding Hut is a coding website open-sourced by Scratch Coding Hut. Scratch Coding Hut suffers from an authorization issue vulnerability. An attacker can log in to other people's accounts by exploiting this vulnerability...

12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training

A dataset used to train large language models LLMs has been found to contain nearly 12,000 live secrets, which allow for successful authentication. The findings once again highlight how hard-coded credentials pose a severe security risk to users and organizations alike, not to mention compounding...

DEBIAN-CVE-2025-1594

A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

SUSE CVE-2025-27091

OpenH264 is a free license codec library which supports H.264 encoding and decoding. A vulnerability in the decoding functions of OpenH264 codec library could allow a remote, unauthenticated attacker to trigger a heap overflow. This vulnerability is due to a race condition between a Sequence...

Python 3.12 Documentation Cross Site Scripting

The official Python 3.12 documentation provides a code example that results in implementing insecure code susceptible to cross site scripting. Python's official documentation contains textbook example of insecure code XSS Date: 2025-02-18 Author: Georgi Guninski From the official Python 3.12...

DEBIAN-CVE-2025-27091

OpenH264 is a free license codec library which supports H.264 encoding and decoding. A vulnerability in the decoding functions of OpenH264 codec library could allow a remote, unauthenticated attacker to trigger a heap overflow. This vulnerability is due to a race condition between a Sequence...

CVE-2025-22919

A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service DoS via opening a crafted AAC file...

CVE-2025-1042

An insecure direct object reference vulnerability in GitLab EE affecting all versions from 15.7 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to view repositories in an unauthorized way...

CVE-2024-56028

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lemonadestudio Lemonade Social Networks Autoposter Pinterest lemonade-sna-pinterest-edition allows Reflected XSS.This issue affects Lemonade Social Networks Autoposter Pinterest: from n/a through =...