CVE-2017-14725

creationtimestamp| type| source ---|---|--- 2025-11-20 02:20:24+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2017/CVE-2017-14725.yaml 2025-11-21 21:02:45+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m666lb2kbc2b...

CVE-2017-17092

creationtimestamp| type| source ---|---|--- 2025-11-20 02:12:04+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2017/CVE-2017-17092.yaml 2025-11-21 21:02:45+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m666lb5cds25...

Exploit for CVE-2025-13390

WP Directory Kit /dev/null echo "+ Auto-login successful"...

PT-2025-47646

Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio Code affected versions not specified Description An issue with access control exists in GitHub Copilot and Visual Studio Code. This allows an authorized attacker to bypass a security feature over a network...

CVE-2025-10703

creationtimestamp| type| source ---|---|--- 2025-11-19 17:40:56+00:00| seen| https://gist.github.com/Darkcrai86/18d5227339eca114b21530bced841b6c 2025-11-19 19:05:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5yx3qs5tc2s...

CVE-2025-13035

creationtimestamp| type| source ---|---|--- 2025-11-19 09:02:41+00:00| seen| https://infosec.exchange/users/offseq/statuses/115575551429768240 2025-11-19 09:02:43+00:00| seen| https://gist.github.com/Darkcrai86/474957a48d87b3178f86a9cc044d968d...

CVE-2025-63878

The CVE-2025-63878 entry concerns Github Restaurant Website Restoran v1.0 with a SQL injection vulnerability exposed through the Contact Form page. The connected documents reiterate the same description and provide no concrete technical specifics beyond the vulnerability class (SQLi) and page vec...

CVE-2025-40547

creationtimestamp| type| source ---|---|--- 2025-11-18 10:01:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5vi7gsa4d2k 2025-11-18 10:30:53+00:00| seen| https://gist.github.com/Darkcrai86/026217c1b9244ace2053b1b8ab1c4632 2025-11-21 08:52:18+00:00| published-proof-of-concept|...

Security Bulletin: NVIDIA Isaac-GR00T - November 2025

NVIDIA has released a software update for NVIDIA Isaac-GR00T. To protect your system, install software from GitHub commit 7f53666 of NVIDIA Isaac-GR00T. Go to NVIDIA Product Security...

GO-2025-4113 OAuth2-Proxy is vulnerable to header smuggling via underscore leading to potential privilege escalation in github.com/oauth2-proxy/oauth2-proxy

OAuth2-Proxy is vulnerable to header smuggling via underscore leading to potential privilege escalation in github.com/oauth2-proxy/oauth2-proxy...

GO-2025-4101 OpenTofu affected denials of service in "tofu init" with maliciously-crafted module package responses in github.com/opentofu/opentofu

OpenTofu affected denials of service in "tofu init" with maliciously-crafted module package responses in github.com/opentofu/opentofu...

GO-2025-4106 Soft Serve does not sanitize ANSI escape sequences in user input in github.com/charmbracelet/soft-serve

Soft Serve does not sanitize ANSI escape sequences in user input in github.com/charmbracelet/soft-serve...

GO-2025-4094 kgateway is missing xDS authorization in github.com/kgateway-dev/kgateway

kgateway is missing xDS authorization in github.com/kgateway-dev/kgateway...

GO-2025-4095 Kgateway transformation policy template can emit files from the container in github.com/kgateway-dev/kgateway

Kgateway transformation policy template can emit files from the container in github.com/kgateway-dev/kgateway...

Microsoft Patch Tuesday, November 2025 Edition

Microsoft this week pushed security updates to fix more than 60 vulnerabilities in its Windows operating systems and supported software, including at least one zero-day bug that is already being exploited. Microsoft also fixed a glitch that prevented some Windows 10 users from taking advantage of...

GHSA-VC2M-M665-8XM2 vulnerabilities

Vulnerabilities for packages: python...

GHSA-HC7M-R6V8-HG9Q vulnerabilities

Vulnerabilities for packages: wizer, wasmcloud, yara-x, zellij, zed...

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

The North Korean threat actors behind the Contagious Interview campaign have once again tweaked their tactics by using JSON storage services to stage malicious payloads. "The threat actors have recently resorted to utilizing JSON storage services like JSON Keeper, JSONsilo, and npoint.io to host...

GHSA-5PGG-2G8V-P4X9

creationtimestamp| type| source ---|---|--- 2025-11-14 02:45:47+00:00| seen| https://gist.github.com/conf1dentialaibusiness-source/0b49fe9990209fb038f5f50b73873dae 2025-12-02 03:16:32+00:00| seen| https://gist.github.com/deepak-chowdry/3da737fb0b4c63ed1bfe586c677e4860 2025-12-25 23:01:17+00:00|...

[SECURITY] Fedora 43 Update: gh-2.83.0-1.fc43

A command-line interface to GitHub for use in your terminal or your scripts. gh is a tool designed to enhance your workflow when working with GitHub. It provides a seamless way to interact with GitHub repositories and perform vari ous actions right from the command line, eliminating the need to...