484 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-2454
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.24. Difficult...
CVE-2025-23296
NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
Linux Distros Unpatched Vulnerability : CVE-2023-21869
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.31 and prior. Easily exploitable...
PT-2025-32339 · Unknown · Com.Huuge.Game.Zjbox +1
Name of the Vulnerable Software and Affected Versions: Huuge Box version 1.0.3 Description: A vulnerability exists in the Huuge Box App for Android. The issue involves the improper export of Android application components due to manipulation of an unknown part of the AndroidManifest.xml file with...
The vulnerability of the InnoDB component of the MySQL Database Server, which allows a hacker to cause a service failure
The vulnerability of the InnoDB component in the MySQL Database Management System is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
CVE-2025-49005
Next.js CVE-2025-49005 affects Next.js App Router (versions 15.3.0 to before 15.3.3) and Vercel CLI (41.4.1 to 42.2.0). A cache poisoning vulnerability could cause HTML requests to return a React Server Component payload under certain conditions. When deployed on Vercel, impact is limited to the ...
The vulnerability of the cet.c component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the cet.c component in the Linux operating system’s kernel is related to the lack of data security mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2025-48940 MyBB's upgrade component vulnerable to local file inclusion
MyBB is free and open source forum software. Prior to version 1.8.39, the upgrade component does not validate user input properly, which allows attackers to perform local file inclusion LFI via a specially crafted parameter value. In order to exploit the vulnerability, the installer must be...
CVE-2025-5401
A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /post.php of the component GET Parameter Handler. The manipulation of the argument pid leads...
CVE-2025-48492 GetSimple CMS RCE in Edit component
GetSimple CMS is a content management system. In versions starting from 3.3.16 to 3.3.21, an authenticated user with access to the Edit component can inject arbitrary PHP into a component file and execute it via a crafted query string, resulting in Remote Code Execution RCE. This issue is set to ...
CVE-2025-22996
A stored cross-site scripting XSS vulnerability in the spftablecontent component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the desc parameter...
CVE-2024-40544
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery SSRF via the component /admin/maintenancesysTask/edit...
CVE-2024-22638
liveSite v2019.1 was discovered to contain a remote code execution RCE vulenrabiity via the component /livesite/editdesignerregion.php or /livesite/addemailcampaign.php...
CVE-2024-50716
SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the id parameter in the /sendPushManually.php component...
CVE-2022-36748
PicUploader v2.6.3 was discovered to contain a cross-site scripting XSS vulnerability via the component /master/index.php...
CVE-2022-29792
The chip component has a vulnerability of disclosing CPU SNs.Successful exploitation of this vulnerability may affect data confidentiality...
CVE-2022-29017
Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x8664/multiarch/strlen-avx2.S...
CVE-2022-28008
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\attendancedelete.php...
CVE-2021-25445
Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsung Internet...
CVE-2021-27343
SerenityOS Unspecified is affected by: Buffer Overflow. The impact is: obtain sensitive information context-dependent. The component is: /Userland/Libraries/LibCrypto/ASN1/DER.h Crypto::derdecodesequence function. The attack vector is: Parsing RSA Key ASN.1...