CVE-2025-61514

An arbitrary file upload vulnerability in SageMath, Inc CoCalc before commit 0d2ff58 allows attackers to execute arbitrary code via uploading a crafted SVG file...

EUVD-2025-34813

An arbitrary file upload vulnerability in SageMath, Inc CoCalc before commit 0d2ff58 allows attackers to execute arbitrary code via uploading a crafted SVG file...

CVE-2025-61514

An arbitrary file upload vulnerability in SageMath, Inc CoCalc before commit 0d2ff58 allows attackers to execute arbitrary code via uploading a crafted SVG file...

EUVD-2025-34808

Hardcoded credentials in gsigel14 ATLAS-EPIC commit f29312c 2025-05-26...

CVE-2025-60639

Hardcoded credentials in gsigel14 ATLAS-EPIC commit f29312c 2025-05-26...

CVE-2025-61514

An arbitrary file upload vulnerability in SageMath, Inc CoCalc before commit 0d2ff58 allows attackers to execute arbitrary code via uploading a crafted SVG file...

CVE-2025-61514

An arbitrary file upload vulnerability in SageMath, Inc CoCalc before commit 0d2ff58 allows attackers to execute arbitrary code via uploading a crafted SVG file...

CVE-2025-60639

Hardcoded credentials in gsigel14 ATLAS-EPIC commit f29312c 2025-05-26...

CVE-2025-60639

Hardcoded credentials in gsigel14 ATLAS-EPIC commit f29312c 2025-05-26...

CVE-2025-61514

CVE-2025-61514 affects SageMath, Inc. CoCalc prior to the fix commit 0d2ff58, where an attacker can upload a crafted SVG file to achieve arbitrary code execution. The issue is triggered by an arbitrary file upload vulnerability in the CoCalc front-end/back-end stack, enabling code execution on th...

CVE-2025-60639

CVE-2025-60639 affects the ATLAS-EPIC project by gsiegel14, based on the consolidated records: hardcoded credentials in commit f29312c (2025-05-26). The CVSS v3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) yields a base score of 6.5 (Medium). There is no publicly documented exploitation status ...

CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...

PT-2025-41797

Name of the Vulnerable Software and Affected Versions rAthena versions prior to commit af2f3ba Description rAthena is an open-source cross-platform MMORPG server. A use-after-free issue exists in the RODEX functionality of rAthena’s map-server. An unauthenticated attacker can exploit this issue v...

Arbitrary Code Injection

Overview org.webjars.npm:happy-dom is a Happy DOM is a JavaScript implementation of a web browser without its graphical user interface. It includes many web standards from WHATWG DOM and HTML. Affected versions of this package are vulnerable to Arbitrary Code Injection due to default evaluation o...

PT-2025-44377

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's Network File System Direct NFSD component. Specifically, the issue involves the handling of LAYOUTCOMMIT operations on FlexFiles layouts by pNFS...

SUSE CVE-2023-53629

In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix use after free in midcomms commit While working on processing dlm message in softirq context I experienced the following KASAN use-after-free warning: 151.760477...

Linux Distros Unpatched Vulnerability : CVE-2022-50465

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: fix leaking uninitialized memory in fast-commit journal When space at the end of...

Linux Distros Unpatched Vulnerability : CVE-2022-50428

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix off-by-one errors in fast-commit block filling Due to several different off-by-one errors, or perhaps due to a late change in design that wasn't fully...

SUSE CVE-2022-50534

In the Linux kernel, the following vulnerability has been resolved: dm thin: Use last transaction's pmd-root when commit failed Recently we found a softlock up problem in dm thin pool btree lookup code due to corrupted metadata: Kernel panic - not syncing: softlockup: hung tasks CPU: 7 PID: 26692...

CVE-2023-53629

In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix use after free in midcomms commit While working on processing dlm message in softirq context I experienced the following KASAN use-after-free warning: 151.760477...