15 matches found
Exploit for CVE-2025-2304
PoC: CVE-2025-2304 - Camaleon CMS Privilege Escalation Tec...
PT-2025-47422
The YITH WooCommerce Wishlist plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.10.0 via the REST API endpoint and AJAX handler due to missing validation on user-controlled keys. This makes it possible for unauthenticated attackers to...
EUVD-2017-11580
Malware in sbrugna...
Exploit for Code Injection in Craftcms Craft_Cms
CraftCMS CVE-2025-32432 Vulnerability Exploitation Tool Set A...
GSD-2023-1001857 mm/MADV_COLLAPSE: catch !none !huge !bad pmd lookups
mm/MADVCOLLAPSE: catch !none !huge !bad pmd lookups This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.11 by commit...
GSD-2022-1006664 fs/binfmt_elf: Fix memory leak in load_elf_binary()
fs/binfmtelf: Fix memory leak in loadelfbinary This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.7 by commit...
GSD-2022-1005322 arm64: select TRACE_IRQFLAGS_NMI_SUPPORT
arm64: select TRACEIRQFLAGSNMISUPPORT This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit 10b49de3d9a635ac283fd707f85588577d7e452b...
GSD-2022-1004261 afs: Fix dynamic root getattr
afs: Fix dynamic root getattr This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.8 by commit 7844ceada44eca740d31beb3d97b8511b1ca0a9b, it was...
GSD-2022-1002319 dm ioctl: prevent potential spectre v1 gadget
dm ioctl: prevent potential spectre v1 gadget This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.238 by commit...
GSD-2022-1000729 sc16is7xx: Fix for incorrect data being transmitted
sc16is7xx: Fix for incorrect data being transmitted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.12 by commit...
GSD-2021-1002470 ARM: socfpga: Fix crash with CONFIG_FORTIRY_SOURCE
ARM: socfpga: Fix crash with CONFIGFORTIRYSOURCE This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.83 by commit...
UVI-2021-1002047 powerpc/idle: Don't corrupt back chain when going idle
powerpc/idle: Don't corrupt back chain when going idle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.76 by commit...
UVI-2021-1001548 i2c: acpi: fix resource leak in reconfiguration device addition
i2c: acpi: fix resource leak in reconfiguration device addition This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.211 by commit...
UVI-2021-1001530 ipack: ipoctal: fix module reference leak
ipack: ipoctal: fix module reference leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.249 by commit...
CVE-2011-1839
IBM Rational Build Forge 7.1.0 is vulnerable because it uses HTTP GET during redirection from the authentication servlet to a PHP script, enabling context-dependent attackers to discover session IDs by reading web-server access logs, Referer logs, or browser history. Affected component: the authe...