Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: nouveau/gsp: removing the WARNON messages in ACPI probes. These WARNON messages seem to trigger frequently, and we currently do not have a plan to fix them. Therefore, we’re simply removing them, as they are likely harmless...

EUVD-2026-30021

In the Linux kernel, the following vulnerability has been resolved: nouveau/gsp: drop WARNON in ACPI probes These WARNONs seem to trigger a lot, and we don't seem to have a plan to fix them, so just drop them, as they are most likely harmless...

CVE-2026-43485

In the Linux kernel, the following vulnerability has been resolved: nouveau/gsp: drop WARNON in ACPI probes These WARNONs seem to trigger a lot, and we don't seem to have a plan to fix them, so just drop them, as they are most likely harmless...

Exploit for Reliance on Untrusted Inputs in a Security Decision in Microsoft

CVE-2026-21509-PoC Educational PoC for CVE‑2026‑21509...

Attack of the clones: Fake ChatGPT apps are everywhere

The mobile AI gold rush has flooded app stores with lookalikes—shiny, convincing apps promising “AI image generation,” “smart chat,” or “instant productivity.” But behind the flashy logos lurks a spectrum of fake apps, from harmless copycats to outright spyware. Spoofing trusted brands like...

Exploit for Path Traversal in Rarlab Winrar

CVE-2025-8088 Python tool for safe archive handling, path trav...

Strategic Deflection: Defending LLMs from Logit Manipulation

With the growing adoption of Large Language Models LLMs in critical areas, ensuring their security against jailbreaking attacks is paramount. While traditional defenses primarily rely on refusing malicious prompts, recent logit-level attacks have demonstrated the ability to bypass these safeguard...

SUSE CVE-2023-53032

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix overflow before widen in the bitmapipcreate function. When firstip is 0, lastip is 0xFFFFFFFF, and netmask is 31, the value of an arithmetic expression 2 netmask - maskbits - 1 is subject to overflow due to ...

Exploit for OS Command Injection in Php

Orange Tsi 🍊 This vulnerability was found by Orange Tsai @oran...

CVE-2021-47452

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: skip netdev events generated on netns removal syzbot reported following harmless WARN: WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468 nftnetdevunregisterhooks net/netfilter/nftablesapi.c:230 inline...

CVE-2021-47452

CVE-2021-47452: In the Linux kernel, nf_tables netdev event handling during net namespace removal could lead to a redundant UNREGISTER notifier action because the base hook was removed too late. The issue is a sequence/order problem in the notifier vs .pre_exit hook, which could cause an attempt ...

MAL-2022-4698 Malicious code in mostly-harmless (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 13a5a25f1695dadb24d37af19266782dabcebe4d1e47335d05ffc7aab4d1a805 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in mostly-harmless (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 13a5a25f1695dadb24d37af19266782dabcebe4d1e47335d05ffc7aab4d1a805 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."

...

SolarWinds Serv-U FTP 15.1.6.25 Cross Site Scripting

Issue: Reflected Cross-Site Scripting CVE: CVE-2018-19934 Security researcher: Chris Moberly @ The Missing Link Security Product name: Serv-U FTP Server Product version: Tested on 15.1.6.25 current as of Dec 2018 Fixed in: Serv-U 15.1.6 hotfix 3 Overview The Serv-U FTP Server is vulnerable to a...

GlassWire: DLL Hijacking Vulnerability in GlassWireSetup.exe

GlasswireSetup.exe is subject to the attack described here: http://textslashplain.com/2015/12/18/dll-hijacking-just-wont-die/ You can get a simple demo with this harmless DLL: https://bayden.com/dl/shfolder.dll See attached image for proof of execution...

Fedora 15 : tomcat6-6.0.32-8.fc15 (2011-13456)

Fix for CVE-2011-3190 This release is the first using a systemd unit file. SystemV files are packaged separately. During this transition users may experience this error: 'error reading information on service tomcat6: No such file or directory' The error occurs because there is no tomcat service t...

Fedora 16 : tomcat6-6.0.32-17.fc16 (2011-13426)

Fix for CVE-2011-3190 This release is the first using a systemd unit file. SystemV files are packaged separately. During this transition users may experience this error: 'error reading information on service tomcat6: No such file or directory' The error occurs because there is no tomcat service t...

PHP Nop Generator

Generates harmless padding for PHP scripts This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This class implements a "nop" generator for PHP payloads class MetasploitModule 'PHP Nop Generator', 'Alias' = 'phpgeneric',...

EV0104.txt

New eVuln Advisory: Skull-Splitter's PHP Guestbook XSS Vulnerability http://evuln.com/vulns/104/summary.html --------------------Summary---------------- eVuln ID: EV0104 CVE: CVE-2006-1256 Software: Skull-Splitter's PHP Guestbook Sowtware's Web Site: http://www.boysen.be/ Versions: 2.6 2.7 Critic...