799 matches found
CVE-2022-23431
An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution...
CVE-2022-23640
Excel-Streaming-Reader is an easy-to-use implementation of a streaming Excel reader using Apache POI. Prior to xlsx-streamer 2.1.0, the XML parser that was used did not apply all the necessary settings to prevent XML Entity Expansion issues. Upgrade to version 2.1.0 to receive a patch. There is no...
CVE-1999-0343
A malicious Palace server can force a client to execute arbitrary programs...
CVE-2025-55137
CVE-2025-55137 affects LinkJoin (versions up to and including 882f196). The vulnerability arises from lack of type checking in the password reset functionality, per multiple sources (CVE entry and Red Hat/CVE listings). Base metrics indicate CVSSv3.1: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N (base sco...
CVE-2025-45766
poco v1.14.1-release was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is...
CVE-2025-8555
creationtimestamp | type | source
---|---|---
2025-08-05 13:53:31+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lvnuae7rcn2e...
CVE-2025-41698
The CVE-2025-41698 entry pertains to Draeger ICMHelper. Affected software: Draeger ICMHelper (client-side service) with vulnerability described as a low-privileged local attacker who can interact with the affected service even when user interaction should be disallowed. Root cause cited in connec...
CVE-2025-8638
creationtimestamp | type | source
---|---|---
2025-08-05 03:00:00+00:00 | seen | http://www.zerodayinitiative.com/advisories/ZDI-25-786/...
CVE-2025-8651
creationtimestamp | type | source
---|---|---
2025-08-05 03:00:00+00:00 | seen | http://www.zerodayinitiative.com/advisories/ZDI-25-799/
2025-08-06 04:26:39+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lvpeznqt7b2e...
CVE-2025-7844
creationtimestamp | type | source
---|---|---
2025-08-04 23:57:53+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lvmfk4yrli2e...
CVE-2025-36594
creationtimestamp | type | source
---|---|---
2025-08-04 17:23:12+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lvlpien52u26
2025-08-05 01:31:30+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3lvmkrih3vm2j
2025-08-08 02:49:19+00:00 | seen |...
CVE-2025-5999
A flaw was found in github.com/hashicorp/vault. This vulnerability allows a privileged Vault operator with write access to the root namespace’s identity endpoint to manipulate token privileges, effectively elevating another user’s token to the Vault root policy. This privilege escalation occurs...
CVE-2025-6626
creationtimestamp | type | source
---|---|---
2025-08-02 10:12:54+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lvfwj44d6f2q...
CVE-2025-45770
jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not meant ...
CVE-2025-54583
creationtimestamp | type | source
---|---|---
2025-07-30 15:24:05+00:00 | published-proof-of-concept | https://github.com/finos/git-proxy/security/advisories/GHSA-qr93-8wwf-22g4
2025-07-30 23:37:41+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lv7s3gaehf2d...
CVE-2025-43193
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to cause a denial-of-service...
BELL-CVE-2025-38490
Bulletin has no description...
CVE-2025-54530
creationtimestamp | type | source
---|---|---
2025-07-28 19:34:32+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lv2dkrm6hy2w...
CVE-2025-38477
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate. A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, qfq_dump_class may trigger a...
CVE-2025-38475
In the Linux kernel, the following vulnerability has been resolved: smc: Fix various oops due to inet_sock type confusion. syzbot reported weird splats [0][1] in cipso_v4_sock_setattr() while freeing inet_sk(sk)->inet_opt. The address was freed multiple times even though it was read-only memory...