213 matches found
Exploit for CVE-2025-60751
CVE-2025-60751: GeographicLib Stack-based Buffer Overflow...
ai.ancf.lmos:lmos-operator (>=0.5.0 <=0.6.0), ai.telosforge:kimaira-starter-dms (>=1.2.4 <=1.2.6) +5034 more potentially affected by CVE-2026-22741 via org.springframework:spring-webmvc (>=6.2.0 <=6.2.17)
org.springframework:spring-webmvc MAVEN version =6.2.0, =0.5.0, =1.2.4, =1.2.4, =1.17.0, =0.3.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.8.1 and more Source cves: CVE-2026-22741 Source advisory: OSV:GHSA-WG35-8JPF-2XV3...
GHSA-H43V-27WG-5MF9 OpenClaw: Forged Nostr DMs could create pairing state before signature verification
Summary: Before OpenClaw 2026.3.31, the Nostr DM ingress path could issue pairing challenges before validating the event signature. A forged DM could create a pending pairing entry and trigger a pairing-reply attempt before signature rejection. Impact: An unauthenticated remote sender could consume...
OpenClaw: Nostr inbound DMs could trigger unauthenticated crypto work before sender policy enforcement
Summary: Nostr inbound DM handling could perform crypto and dispatch work before sender and pairing policy enforcement, enabling unauthorized pre-auth computation. Affected Packages / Versions: - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...
CVE-2026-27153
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, moderators could export user Chat DMs via the CSV export endpoint by exploiting an overly permissive allowlist in can_export_entity?. The method allowed moderators to export any entity not explicit...
CVE-2026-27153
Discourse (open source discussion platform) is affected prior to versions 2025.12.2, 2026.1.1, and 2026.2.0. The issue arises from an overly permissive allowlist in can_export_entity?, letting moderators export any entity not explicitly blocked via the CSV export endpoint to access user Chat DMs....
CVE-2018-12273
The /edit URI in the DMS component in Ximdex 4.0 has XSS via the Ciudad or Nombre parameter...
CVE-2022-33139
A vulnerability has been identified in Cerberus DMS All versions, Desigo CC All versions, Desigo CC Compact All versions, SIMATIC WinCC OA V3.16 All versions in default configuration, SIMATIC WinCC OA V3.17 All versions in non-default configuration, SIMATIC WinCC OA V3.18 All versions in...
DEBIAN-CVE-2025-60751
GeographicLib 2.5 is vulnerable to Buffer Overflow in GeoConvert DMS::InternalDecode...
UBUNTU-CVE-2025-60751
GeographicLib 2.5 is vulnerable to Buffer Overflow in GeoConvert DMS::InternalDecode...
Buffer Overflow
Overview: Affected versions of this package are vulnerable to Buffer Overflow in the DMS::InternalDecode function. An attacker can hijack the program's control flow by overwriting a return address to point to a libc function (ret2libc) and execute arbitrary code or cause a crash by providing special...
CVE-2025-60751
GeographicLib 2.5 is vulnerable to Buffer Overflow in GeoConvert DMS::InternalDecode...
GeographicLib Security Vulnerability
GeographicLib is a C language library from the GeographicLib open source project. A security vulnerability exists in GeographicLib version 2.5, which originates from a buffer overflow in GeoConvert DMS::InternalDecode...
EUVD-2018-4249
Malware in sbrugna...
EUVD-2008-0819
Malware in sbrugna...
EUVD-2004-1527
Malware in sbrugna...
EUVD-2021-23755
Malware in sbrugna...
EUVD-2023-26864
Malicious code in bioql PyPI...
EUVD-2022-3839
Malicious code in bioql PyPI...