CVE-2025-51965

OURPHP thru 8.6.1 is vulnerable to Cross-Site Scripting XSS via the "Name" field of the "Complete Profile" functionality under the "My User Center" page, which can be accessed after registering through the front-end interface...

CVE-2025-51965

OURPHP thru 8.6.1 is vulnerable to Cross-Site Scripting XSS via the "Name" field of the "Complete Profile" functionality under the "My User Center" page, which can be accessed after registering through the front-end interface...

Linux Distros Unpatched Vulnerability : CVE-2025-37995

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - module: ensure that kobjectput is safe for module type kobjects In 'lookuporcreatemodulekobject', an internal kobject is created using 'modulektype'. So call to...

Linux Distros Unpatched Vulnerability : CVE-2025-38270

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: drv: netdevsim: don't napicomplete from netpoll netdevsim supports netpoll. Make sure w...

Complete Evasion, Zero Modification: PDF Attacks on AI Text Detection

AI-generated text detectors have become essential tools for maintaining content authenticity, yet their robustness against evasion attacks remains questionable. We present PDFuzz, a novel attack that exploits the discrepancy between visual text layout and extraction order in PDF documents. Our...

Ubisoft Entertainment多款产品 安全漏洞

Ubisoft Entertainment Heroes of Might and Magic III Complete, among others, is a turn-based strategy magic game by French company Ubisoft Entertainment. A security vulnerability exists in various Ubisoft Entertainment products, which originates from a buffer overflow that could lead to the...

CVE-2025-50099

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

Malicious code in square-crypto-utils-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c2a693727e119b7e668536dcb77730f98ba80f9bcc2b03f5bbc80f53fea74d2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

SUSE CVE-2025-38270

In the Linux kernel, the following vulnerability has been resolved: net: drv: netdevsim: don't napicomplete from netpoll netdevsim supports netpoll. Make sure we don't call napicomplete from it, since it may not be scheduled. Breno reports hitting a warning in napicompletedone: WARNING: CPU: 14...

Complete Online Learning Management System

Campcodes Complete Sales and Inventory System V1.0 /pages/repr...

Advanced Online Voting System

Campcodes Complete Sales and Inventory System V1.0 /pages/prod...

DEBIAN-CVE-2025-38270

In the Linux kernel, the following vulnerability has been resolved: net: drv: netdevsim: don't napicomplete from netpoll netdevsim supports netpoll. Make sure we don't call napicomplete from it, since it may not be scheduled. Breno reports hitting a warning in napicompletedone: WARNING: CPU: 14...

UBUNTU-CVE-2025-38270

In the Linux kernel, the following vulnerability has been resolved: net: drv: netdevsim: don't napicomplete from netpoll netdevsim supports netpoll. Make sure we don't call napicomplete from it, since it may not be scheduled. Breno reports hitting a warning in napicompletedone: WARNING: CPU: 14...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with the napicomplete call in netdevsim, which could lead to a system crash...

SUSE CVE-2022-50144

In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following...

UBUNTU-CVE-2022-50144

In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Module: Ensure that kobjectput is safe for the module type kobjects. In lookuporcreatemodulekobject, an internal kobject is created using modulektype. Therefore, calling kobjectput during error handling causes an attempt to use a...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: drv: netdevsim: do not call napicomplete from netpoll netdevsim supports netpoll. Make sure we do not call npaiComplete from it, as it may not be scheduled. Breno reported encountering a warning in npaiCompleteDone: WARNING:...

BIT-MARIADB-MIN-2022-21595

Vulnerability in the MySQL Server product of Oracle MySQL component: C API. Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

BIT-MARIADB-MIN-2020-2780

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...