mantis-exploit-patch

No d...

Statamic: Unsafe method invocation via query value resolution allows data destruction

Impact Manipulating query parameters on Control Panel and REST API endpoints, or arguments in GraphQL queries, could result in the loss of content, assets, and user accounts. The Control Panel requires authentication with minimal permissions in order to exploit. e.g. "view entries" permission to...

CVE-2026-1418

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gftextimportsrtbifs of the file src/scenemanager/texttobifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has...

CVE-2025-1925

A vulnerability classified as problematic was found in Open5GS up to 2.7.2. Affected by this vulnerability is the function amfnsmfpdusessionhandleupdatesmcontext of the file src/amf/nsmf-handler.c of the component AMF. The manipulation leads to denial of service. The attack can be launched...

EUVD-2021-3241

Malicious code in bioql PyPI...

EUVD-2025-21831

Malicious code in bioql PyPI...

EUVD-2024-31783

Malicious code in bioql PyPI...

EUVD-2025-11538

Malicious code in bioql PyPI...

EUVD-2025-15983

Malicious code in bioql PyPI...

EUVD-2024-51216

Malicious code in bioql PyPI...

EUVD-2023-27711

Malicious code in bioql PyPI...

EUVD-2025-20363

Malicious code in bioql PyPI...

EUVD-2025-18651

Malicious code in bioql PyPI...

EUVD-2025-22294

Malicious code in bioql PyPI...

CVE-2025-9301

A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This affects the function cmForEachFunctionBlocker::ReplayItems of the file cmForEachCommand.cxx. This manipulation causes reachable assertion. The attack needs to be launched locally. The exploit has been publicly disclosed and may b...

CVE-2025-9157 appneta tcpreplay tcprewrite edit_packet.c untrunc_packet use after free

A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untruncpacket of the file src/tcpedit/editpacket.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The...

Linux Distros Unpatched Vulnerability : CVE-2025-3198

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function displayinfo of the file...

Linux Distros Unpatched Vulnerability : CVE-2025-8010

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium...

CVE-2025-8729

CVE-2025-8729 affects MigoXLab LMeterX 1.2.0. The vulnerability is in the function process_cert_files of backend/service/upload_service.py, where manipulation of the argument task_id enables path traversal. It can be triggered remotely and the exploit has been publicly disclosed. A patch is avail...

CVE-2025-8554

A vulnerability, which was classified as problematic, has been found in atjiu pybbs up to 6.0.0. This issue affects some unknown processing of the file /admin/user/list. The manipulation of the argument Username leads to cross site scripting. The attack may be initiated remotely. The exploit has...