
10 matches found

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2015-5894

Malware in sbrugna...

CVSS: 9.3 | AI score: 8.2 | EPSS: 0.04482
Exploits: 1 | References: 5
RedhatCVE
added 2025/05/08 10:10 a.m. | 9 views

CVE-2024-45554

Memory corruption during concurrent SSR execution due to race condition on the global maps list...

CVSS: 7.8 | AI score: 7.2 | EPSS: 0.00088
Exploits: 0 | References: 1
RedhatCVE
added 2025/02/05 9:39 p.m. | 8 views

CVE-2022-24800

October/System is the system module for October CMS, a self-hosted CMS platform based on the Laravel PHP Framework. Prior to versions 1.0.476, 1.1.12, and 2.2.15, when the developer allows the user to specify their own filename in the fromData method, an unauthenticated user can perform remote co...

CVSS: 8.1 | AI score: 7.7 | EPSS: 0.01136
Exploits: 0 | References: 1
NVD
added 2025/02/05 4:15 a.m. | 13 views

CVE-2025-1028

The Contact Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the contact form upload feature in all versions up to, and including, 8.6.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site'...

CVSS: 8.1 | EPSS: 0.00697
Exploits: 0 | References: 2
Hacker One
added 2024/12/17 10:48 p.m. | 16 views

Internet Bug Bounty: [SECURITY] CVE-2024-50379 Apache Tomcat - RCE via write-enabled default servlet

A vulnerability was discovered in Apache Tomcat where a race condition could be triggered on a Windows machine with a write-enabled default servlet, leading to remote code execution. The issue was caused by the case-insensitive nature of the file system, which allowed an uploaded file to be treat...

CVSS: 9.8 | AI score: 9.8 | EPSS: 0.42316
Exploits: 13
Vulnrichment
added 2024/10/28 3:10 p.m. | 5 views

CVE-2024-47827 Argo Workflows Controller: Denial of Service via malicious daemon Workflows

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controller can be made to crash on-command by any user with access to execute a workflow. This vulnerabili...

CVSS: 5.7 | AI score: 7.2 | EPSS: 0.00345
Exploits: 0 | References: 4
SUSE CVE
added 2024/08/22 2:58 a.m. | 5 views

SUSE CVE-2024-43882

In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage. When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back. Much...

CVSS: 7 | AI score: 6.8 | EPSS: 0.00242
Exploits: 1 | References: 33
Vulnrichment
added 2022/12/13 12:0 a.m. | 7 views

CVE-2021-39660

In TBD of TBD, there is a possible way to achieve arbitrary code execution in kernel due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Andro...

AI score: 8 | EPSS: 0.00071
Exploits: 0 | References: 1
OSV
added 2018/06/05 2:46 p.m. | 9 views

SUSE-SU-2018:1513-1 Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-606485 fixes several issues. The following security issues were fixed: - CVE-2018-8897: A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all...

CVSS: 7.8 | AI score: 7 | EPSS: 0.18404
Exploits: 9 | References: 6
OSV
added 2018/06/05 2:45 p.m. | 7 views

SUSE-SU-2018:1540-1 Security update for the Linux Kernel (Live Patch 25 for SLE 12)

This update for the Linux Kernel 3.12.61-5286 fixes several issues. The following security issues were fixed: - CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. bsc1085447. - CVE-2018-8897: A statement in the System Programming Guide of the Intel ...

CVSS: 7.8 | AI score: 7.1 | EPSS: 0.18404
Exploits: 9 | References: 8