91 matches found
CVE-2025-8579
Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2025-8524
creationtimestamp| type| source ---|---|--- 2025-08-05 00:12:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvmgeyptll2d...
CVE-2025-51726
creationtimestamp| type| source ---|---|--- 2025-08-04 23:48:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvmeziuc7d2p 2025-08-06 21:02:34+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lvr4obb3oj2a...
CVE-2025-5921
creationtimestamp| type| source ---|---|--- 2025-08-01 08:58:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvdbub43ca2d...
CVE-2025-38478
In the Linux kernel, the following vulnerability has been resolved: comedi: Fix initialization of data for instructions that write to subdevice Some Comedi subdevice instruction handlers are known to access instruction data elements beyond the first insn-n elements in some cases. The doinsnioctl...
CVE-2025-6918
creationtimestamp| type| source ---|---|--- 2025-07-28 13:04:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3luznrb4jdq2t...
CVE-2025-38372
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix unsafe xarray access in implicit ODP handling xastore and xaerase were used without holding the proper lock, which led to a lockdep warning due to unsafe RCU usage. This patch replaces them with xastore and xaerase...
CVE-2025-7952
creationtimestamp| type| source ---|---|--- 2025-07-22 12:24:29+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114896867677018195...
CVE-2025-54077
creationtimestamp| type| source ---|---|--- 2025-07-22 03:54:24+00:00| seen| MISP/a3c5beab-b790-4171-8b4c-02c8a9678071 2025-09-09 11:53:44+00:00| seen| MISP/a3c5beab-b790-4171-8b4c-02c8a9678071...
CVE-2025-53030
CVE-2025-53030 affects Oracle VM VirtualBox (component: Core) with 7.1.10, per multiple sources. The description states an attacker with logon to the infrastructure where VirtualBox runs can achieve high privileges and potentially compromise Oracle VM VirtualBox, with possible broader impact on r...
CVE-2025-50103
Oracle MySQL Server vulnerability CVE-2025-50103 affects MySQL Server 9.0.0–9.3.0, specifically the Server: Security: LDAP Auth component. It allows a high-privileged attacker with network access via multiple protocols to cause a hang or crash (DoS). CVSS 3.1 base score 4.4 (AV:N/AC:H/PR:H/UI:N/S...
CVE-2025-50090
...
CVE-2025-50061
CVE-2025-50061 affects Oracle Primavera P6 Enterprise Project Portfolio Management (Web Access component). Affected versions are 20.12.0–20.12.21, 21.12.0–21.12.21, 22.12.0–22.12.19, 23.12.0–23.12.13, and 24.12.0–24.12.4. An attacker with network access via HTTP and with low privileges can exploi...
CVE-2025-30747
CVE-2025-30747 affects Oracle PeopleSoft PeopleTools (PIA Core Technology). The vulnerability exists in PeopleSoft Enterprise PeopleTools components and impacts versions 8.60, 8.61, and 8.62. An unauthenticated attacker who can reach the service over HTTP can exploit this issue to access data rea...
CVE-2025-7488
creationtimestamp| type| source ---|---|--- 2025-07-12 20:32:21+00:00| seen| https://bsky.app/profile/potato.software/post/3lts7dg7f452t...
CVE-2025-4972
creationtimestamp| type| source ---|---|--- 2025-07-10 11:51:06+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114828788727504987...
CVE-2025-38249
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out-of-bounds read in sndusbgetaudioformatuac3 In sndusbgetaudioformatuac3, the length value returned from sndusbctlmsg is used directly for memory allocation without validation. This length is controlled by...
CVE-2025-38160
In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Add NULL check in raspberrypiclkregister devmkasprintf returns NULL when memory allocation fails. Currently, raspberrypiclkregister does not check for this case, which results in a NULL pointer dereference. Add NUL...
CVE-2025-49520
creationtimestamp| type| source ---|---|--- 2025-06-30 21:09:22+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19975 2025-06-30 21:42:52+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114774492584600634 2025-06-30 23:35:08+00:00| seen|...
CVE-2025-6900
creationtimestamp| type| source ---|---|--- 2025-06-30 09:05:27+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19912 2025-06-30 13:06:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lstattqwxc2r...