29 matches found
SUSE CVE-2026-6358
Use after free in XR in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Critical...
CVE-2025-38697
In the Linux kernel, the following vulnerability has been resolved: jfs: upper bound check of tree index in dbAllocAG When computing the tree index in dbAllocAG, we never check if we are out of bounds realative to the size of the stree. This could happen in a scenario where the filesystem metadat...
CVE-2025-38374
In the Linux kernel, the following vulnerability has been resolved: optee: ffa: fix sleep in atomic context The OP-TEE driver registers the function notifcallback for FF-A notifications. However, this function is called in an atomic context leading to errors like this when processing asynchronous...
CVE-2025-7834
creationtimestamp| type| source ---|---|--- 2025-07-19 18:16:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ludkz4b6xv2h...
CVE-2025-48795
creationtimestamp| type| source ---|---|--- 2025-07-15 18:48:08+00:00| seen| https://seclists.org/oss-sec/2025/q3/42 2025-07-15 21:24:05+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3ltztmn2viz22 2025-09-30 01:31:28+00:00| seen|...
CVE-2025-52477
creationtimestamp| type| source ---|---|--- 2025-06-26 17:51:01+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19645 2025-06-26 20:46:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsjyn57xeb2o...
WordPress Responsive Blocks plugin <= 2.0.5 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin Responsive Blocks versions = 2.0.5...
CVE-2025-25207
The CVE concerns Authorino in Red Hat Connectivity Link. A developer-persona attacker can flood the service with post‑authorization callbacks, and since policy enforcement is handled by a single Authorino instance, this leads to Denial of Service during post‑authorization callback processing. Doc...
WordPress Element Pack Elementor Addons plugin <= 5.11.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Robert DeVore in WordPress Plugin Element Pack Elementor Addons versions = 5.11.2...
CVE-2023-0493
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5...
CVE-2022-34315
IBM CICS TX 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229451...
CVE-2010-2278
The bookmarklet pop-up in the Bookmarks component in IBM Lotus Connections 2.5.x before 2.5.0.2 does not properly follow the "force SSL" setting, which might make it easier for remote attackers to obtain the cleartext of network communication by sniffing the network, or spoof arbitrary servers vi...
CVE-2025-37902
No description is available for this CVE...
CVE-2022-49919
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flow rule object from commit path No need to postpone this to the commit release path, since no packets are walking over this object, this is accessed from control plane only. This helped uncovered UA...
CVE-2022-49897
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-30681
CVE-2025-30681 is a MySQL Server vulnerability in the replication component. Oracle MySQL lists affected versions as 8.0.0–8.0.41, 8.4.0–8.4.4, and 9.0.0–9.2.0. It is described as easily exploitable via network access through multiple protocols, with a high-privilege attacker capable of compromis...
CVE-2025-29482
creationtimestamp| type| source ---|---|--- 2025-04-07 19:45:30+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10766 2025-04-07 22:55:51+00:00| seen| https://t.me/cvedetector/22349 2025-05-02 21:10:10+00:00| seen|...
CVE-2022-49703
In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store vhost pointer during subcrq allocation Currently the back pointer from a queue to the vhost adapter isn't set until after subcrq interrupt registration. The value is available when a queue is first allocated a...
CVE-2025-21298 Windows OLE Remote Code Execution Vulnerability
...
CVE-2025-21300
creationtimestamp| type| source ---|---|--- 2025-01-14 17:29:48+00:00| seen| https://www.thezdi.com/blog/2025/1/14/the-january-2025-security-update-review 2025-01-14 18:20:49+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpujggk332p 2025-01-14 23:41:25+00:00| seen|...