1612 matches found
PT-2025-49433
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's Bluetooth implementation within the hci cmd complete evt function. Specifically, the code does not validate the length of the socket buffer skb before...
📄 Commvault CLI 11.36.60 Remote Code Execution
Proof of concept exploit for the Commvault CLI version 11.36.60 remote code execution vulnerability. ============================================================================================================================================= | Title : Commvault CLI 11.36.60 RCE PHP Implementatio...
SUSE CVE-2025-40213
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: fix crash in setmeshsync and setmeshcomplete There is a BUG: KASAN: stack-out-of-bounds in setmeshsync due to memcpy from badly declared on-stack flexible array. Another crash is in setmeshcomplete due to double...
MAL-2025-191438 Malicious code in typeface-antonio-complete (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c235d9ce1035017bbe5c1605d3915069791ed17717ac6c6aada75553b43286a4 The package typeface-antonio-complete was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199248
Malicious code in typeface-antonio-complete npm...
Malicious code in typeface-antonio-complete (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c235d9ce1035017bbe5c1605d3915069791ed17717ac6c6aada75553b43286a4 The package typeface-antonio-complete was found to contain malicious code. Source: ghsa-malware...
Malicious code in typefence (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c9ac344bf18963e146d64aec1de72c3db819eb2c4356be7257ef1980555a17f The package typefence was found to contain malicious code. Source: ghsa-malware 28d8025e6d485b7679079ba265b2ed9a28c10029903c94441308121d974cbf18 Any...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
EUVD-2025-198890
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: fix crash in setmeshsync and setmeshcomplete There is a BUG: KASAN: stack-out-of-bounds in setmeshsync due to memcpy from badly declared on-stack flexible array. Another crash is in setmeshcomplete due to double...
DEBIAN-CVE-2025-40213
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: fix crash in setmeshsync and setmeshcomplete There is a BUG: KASAN: stack-out-of-bounds in setmeshsync due to memcpy from badly declared on-stack flexible array. Another crash is in setmeshcomplete due to double...
CVE-2025-40213
CVE-2025-40213 is a Linux kernel vulnerability in the Bluetooth MGMT subsystem. Root cause: stack-out-of-bounds in set_mesh_sync (memcpy from on-stack flexible array) and a crash in set_mesh_complete (double list_del). A fix uses DEFINE_FLEX for on-stack flexible arrays and prevents memcpy beyond...
CVE-2025-40213 Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: fix crash in setmeshsync and setmeshcomplete There is a BUG: KASAN: stack-out-of-bounds in setmeshsync due to memcpy from badly declared on-stack flexible array. Another crash is in setmeshcomplete due to double...
CVE-2025-40213
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: fix crash in setmeshsync and setmeshcomplete There is a BUG: KASAN: stack-out-of-bounds in setmeshsync due to memcpy from badly declared on-stack flexible array. Another crash is in setmeshcomplete due to double...
CVE-2025-40213
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: fix crash in setmeshsync and setmeshcomplete There is a BUG: KASAN: stack-out-of-bounds in setmeshsync due to memcpy from badly declared on-stack flexible array. Another crash is in setmeshcomplete due to double...
CVE-2025-40213 Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: fix crash in setmeshsync and setmeshcomplete There is a BUG: KASAN: stack-out-of-bounds in setmeshsync due to memcpy from badly declared on-stack flexible array. Another crash is in setmeshcomplete due to double...
SharePoint or OneDrive Backup fails with 'Cannot complete this action'
Challenge A backup attempt for SharePoint Online and OneDrive objects may fail with the following message: Cannot complete this action. Please try again. Total count of failed items: N Underlying Error: Server error of type Microsoft.SharePoint.SPException occurred: -2147467259 Cannot complete th...
CVE-2025-13484
A vulnerability was identified in Campcodes Complete Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /admin/customer-list.php. The manipulation of the argument Name leads to cross site scripting. The attack may be initiated remotely. The exploit is...
PT-2025-47640
Name of the Vulnerable Software and Affected Versions Campcodes Complete Online Beauty Parlor Management System version 1.0 Description A cross site scripting issue exists in Campcodes Complete Online Beauty Parlor Management System 1.0. The issue is located in the file /admin/customer-list.php...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990882)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990882 advisory. In the Linux kernel, the following vulnerability has been resolved: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline The absence of IRQDMOVEPCNT...
Gladinet Triofox Improper Access Control Vulnerability
Gladinet Triofox contains an improper access control vulnerability that allows access to initial setup pages even after setup is complete...