PT-2025-49998

Insertion of Sensitive Information Into Sent Data vulnerability in INFINITUM FORM Geo Controller cf-geoplugin allows Retrieve Embedded Sensitive Data.This issue affects Geo Controller: from n/a through = 8.9.4...

PT-2025-50020

Insertion of Sensitive Information Into Sent Data vulnerability in WP Messiah WP AI CoPilot ai-co-pilot-for-wp allows Retrieve Embedded Sensitive Data.This issue affects WP AI CoPilot: from n/a through = 1.2.7...

CVE-2025-13295

Insertion of Sensitive Information Into Sent Data vulnerability in Argus Technology Inc. BILGER allows Choosing Message Identifier.This issue affects BILGER: before 2.4.9...

CVE-2025-13295

Insertion of Sensitive Information Into Sent Data vulnerability in Argus Technology Inc. BILGER allows Choosing Message Identifier.This issue affects BILGER: before 2.4.9...

CVE-2025-13295

Insertion of Sensitive Information Into Sent Data vulnerability in Argus Technology Inc. BILGER allows Choosing Message Identifier. This issue affects BILGER: before 2.4.9...

CVE-2025-13295 Sensitive Data Exposure in ArgusTech's BILGER

Insertion of Sensitive Information Into Sent Data vulnerability in Argus Technology Inc. BILGER allows Choosing Message Identifier. This issue affects BILGER: before 2.4.9...

CVE-2025-13295 Sensitive Data Exposure in ArgusTech's BILGER

Insertion of Sensitive Information Into Sent Data vulnerability in Argus Technology Inc. BILGER allows Choosing Message Identifier. This issue affects BILGER: before 2.4.9...

CVE-2025-13611 Insertion of Sensitive Information into Log File in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user with access to certain logs to obtain sensitive tokens under specific conditions...

Adaptive Detection of Polymorphic Malware: Leveraging Mutation Engines and YARA Rules for Enhanced Security

Polymorphic malware continually alters its structure to evade signature-based defences, challenging both commercial antivirus AV and enterprise detection systems. This study introduces a reproducible framework for analysing eight polymorphic behaviours-junk code insertion, control-flow obfuscatio...

Google Chrome < 46.0.2490.71 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 46.0.2490.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 201510stable-channel-update advisory. - Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers t...

VulnCheck KEV: CVE-2024-12912

An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution. Refer to the '01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to free an XArray entry after an iceadapternew failure, which could lead to subsequent insertion...

CVE-2025-59509

Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally...

EUVD-2025-93448

Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally...

vim: Vim path traversial

A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive...

kernel: wifi: mac80211: don't flush non-uploaded STAs

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't flush non-uploaded STAs If STA state is pre-moved to AUTHORIZED such as in IBSS scenarios and insertion fails, the station is freed. In this case, the driver never knew about the station, so trying to flush ...

kernel: wifi: mac80211: don't flush non-uploaded STAs

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't flush non-uploaded STAs If STA state is pre-moved to AUTHORIZED such as in IBSS scenarios and insertion fails, the station is freed. In this case, the driver never knew about the station, so trying to flush ...

Windows Speech Recognition Information Disclosure Vulnerability

Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally...

CVE-2025-64495

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. In versions 0.6.34 and below, the functionality that inserts custom prompts into the chat window is vulnerable to DOM XSS when 'Insert Prompt as Rich Text' is enabled, since the prompt body is...

CVE-2025-64495

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. In versions 0.6.34 and below, the functionality that inserts custom prompts into the chat window is vulnerable to DOM XSS when 'Insert Prompt as Rich Text' is enabled, since the prompt body is...