37 matches found
EUVD-2020-18304
Malware in sbrugna...
EUVD-2025-5221
Malicious code in bioql PyPI...
EUVD-2025-13020
Malicious code in bioql PyPI...
PT-2025-38626
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.3.0 through 7.4.3.112; Liferay DXP versions 2023.Q4.0 through 2023.Q4.8; Liferay DXP versions 2023.Q3.1 through 2023.Q3.10; Liferay Portal 7.4 GA through update 92; Liferay Portal 7.3 service pack 3 through update 35...
Wordfence Intelligence Weekly WordPress Vulnerability Report (August 18, 2025 to August 24, 2025)
Calling all Vulnerability Researchers and Bug Bounty Hunters! Spring into Summer with Wordfence! Now through September 4, 2025, earn 2X bounty rewards for all in-scope submissions from our 'High Threat' list in software with fewer than 5 million active installs. Bounties up to $31,200 per...
Linux Distros Unpatched Vulnerability : CVE-2021-46991
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: i40e: Fix use-after-free in i40e_client_subtask Currently the call to i40e_client_del_instance...
CVE-2022-49840
In the Linux kernel, the following vulnerability has been resolved: bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb We got a syzkaller problem because of aarch64 alignment fault if KFENCE enabled. When the size from user bpf program is an odd number, like 399, 407, etc, it will cause the...
CVE-2023-52935
In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix ->anon_vma race If an ->anon_vma is attached to the VMA, collapse_and_free_pmd requires it to be locked. Page table traversal is allowed under any one of the mmap lock, the anon_vma lock if the VMA is associated with a...
CVE-2023-52935 mm/khugepaged: fix ->anon_vma race
In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix ->anon_vma race If an ->anon_vma is attached to the VMA, collapse_and_free_pmd requires it to be locked. Page table traversal is allowed under any one of the mmap lock, the anon_vma lock if the VMA is associated with a...
CVE-2024-54458
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsg_queue to NULL after removal Currently, this does not cause any issues, but I believe it is necessary to set bsg_queue to NULL after removing it to prevent potential use-after-free (UAF) access...
CVE-2024-54458 scsi: ufs: bsg: Set bsg_queue to NULL after removal
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsg_queue to NULL after removal Currently, this does not cause any issues, but I believe it is necessary to set bsg_queue to NULL after removing it to prevent potential use-after-free (UAF) access...
CVE-2024-54458
The CVE-2024-54458 issue is in the Linux kernel, involving the SCSI/ufs subsystem (bsg path). The root cause is not fully described beyond the fix: after removing the bsg_queue, it should be set to NULL to avoid potential use-after-free (UAF). The advisory states this vulnerability has been resol...
CVE-2024-45367
The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process, which can lead to an attacker authenticating without a password...
Debian dla-4039 : ffmpeg - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4039 advisory. - Debian LTS Advisory DLA-4039-1...
CVE-2023-32506
CVE-2023-32506 is a real, publicly documented vulnerability affecting the WordPress plugin Link Whisper Free (versions
FireTail Unveils Free Access for All to Cutting-Edge API Security Platform
McLean, United States of America, 26th June 2024, CyberNewsWire...
Malicious code in watch-scream-6-movies-stream-online-for-at-homes-free (npm)
--- -= Per source details. Do not edit below this line.=-...
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 13, 2024 to May 19, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 118 vulnerabilities disclosed in 90 WordPress...
CVE-2024-27934 *const c_void / ExternalPointer unsoundness leading to use-after-free
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.36.2 and prior to version 1.40.3, use of inherently unsafe *const c_void and ExternalPointer leads to use-after-free access of the underlying structure, resulting in arbitrary code execution. Use of inherently unsafe...