
1924 matches found

RedhatCVE
added 2025/05/23 3:44 a.m. (6 views)

CVE-2023-30711

Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider...

CVSS 4, AI score 7.1, EPSS 0.00157
Exploits 0, References 1

RedhatCVE
added 2025/05/23 2:6 a.m. (6 views)

CVE-2023-6921

Blind SQL Injection vulnerability in PrestaShow Google Integrator PrestaShop addon allows for data extraction and modification. This attack is possible via command insertion in one of the cookies...

CVSS 9.8, AI score 8.3, EPSS 0.00694
Exploits 0, References 1

RedhatCVE
added 2025/05/22 11:50 p.m. (8 views)

CVE-2022-43303

The d8s-strings for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-uuids package. The affected version of d8s-htm is 0.1.0...

CVSS 9.8, AI score 7.5, EPSS 0.01012
Exploits 0, References 1

RedhatCVE
added 2025/05/22 11:50 p.m. (5 views)

CVE-2022-43304

The d8s-timer for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-uuids package. The affected version of d8s-htm is 0.1.0...

CVSS 9.8, AI score 7.5, EPSS 0.01012
Exploits 0, References 1

RedhatCVE
added 2025/05/22 11:31 p.m. (6 views)

CVE-2022-1695

The WP Simple Adsense Insertion WordPress plugin before 2.1 does not perform CSRF checks on updates to its admin page, allowing an attacker to trick a logged in user to manipulate ads and inject arbitrary javascript via submitting a form...

CVSS 4.3, AI score 6.8, EPSS 0.00412
Exploits 2, References 1

RedhatCVE
added 2025/05/22 11:2 p.m. (8 views)

CVE-2022-34501

The bin-collection package in PyPI before v0.1 included a code execution backdoor inserted by a third party...

CVSS 9.8, AI score 7.4, EPSS 0.01093
Exploits 0, References 1

RedhatCVE
added 2025/05/22 9:59 p.m. (4 views)

CVE-2022-44053

The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-user-agents package. The affected version of d8s-htm is 0.1.0...

CVSS 9.8, AI score 7.5, EPSS 0.00923
Exploits 0, References 1

RedhatCVE
added 2025/05/22 8:57 p.m. (3 views)

CVE-2021-28709

Issues with partially successful P2M updates on x86. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have...

CVSS 7.8, AI score 7, EPSS 0.00338
Exploits 0, References 1

RedhatCVE
added 2025/05/22 7:13 p.m. (6 views)

CVE-2021-22239

An unauthorized user was able to insert metadata when creating new issue on GitLab CE/EE 14.0 and later...

CVSS 5, AI score 6.5, EPSS 0.00573
Exploits 0, References 1

RedhatCVE
added 2025/05/22 6:40 p.m. (12 views)

CVE-2021-38113

In addBouquet in js/bqe.js in OpenWebif (aka e2openplugin-OpenWebif) through 1.4.7, inserting JavaScript into the Add Bouquet feature of the Bouquet Editor (i.e., bouqueteditor/api/addbouquet?name=) leads to Stored XSS...

CVSS 5.4, AI score 6.7, EPSS 0.00522
Exploits 1, References 1

RedhatCVE
added 2025/05/22 4:48 p.m. (8 views)

CVE-2020-7382

Rapid7 Nexpose installer version prior to 6.6.40 contains an Unquoted Search Path which may allow an attacker on the local machine to insert an arbitrary file into the executable path. This issue affects: Rapid7 Nexpose versions prior to 6.6.40...

CVSS 6.8, AI score 6.8, EPSS 0.00288
Exploits 1, References 1

RedhatCVE
added 2025/05/22 1:45 a.m. (9 views)

CVE-2011-5074

Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote attackers to hijack the authentication of administrators for requests that change administrator email, add a new administrator, or insert arbitrary script via (1) userprofileedit.p...

CVSS 6.8, AI score 7.6, EPSS 0.01072
Exploits 1, References 1

Positive Technologies
added 2025/05/22 12:0 a.m. (7 views)

PT-2025-24274

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fix included in commit 141d34391abbb315d68556b7c67ad97885407547. Description: The Linux kernel contains a vulnerability in the net sched subsystem, specifically within the HFSC Hierarchical Fair Queuing...

CVSS 5.7, AI score 5.4, EPSS 0.0036
Exploits 3

RedhatCVE
added 2025/05/21 10:41 p.m. (7 views)

CVE-2002-2126

restrictEnabled in Integrity Protection Driver (IPD) 1.2 delays driver installation for 20 minutes, which allows local users to insert malicious code by setting system clock to an earlier time...

CVSS 2.1, AI score 6.9, EPSS 0.00435
Exploits 1, References 1

Packet Storm News
added 2025/05/19 12:0 a.m. (4 views)

Quantum Opacity, Classical Clarity: a Hybrid Approach to Quantum Circuit Obfuscation

Quantum computing leverages quantum mechanics to achieve computational advantages over classical hardware, but the use of third-party quantum compilers in the Noisy Intermediate-Scale Quantum (NISQ) era introduces risks of intellectual property (IP) exposure. We address this by proposing a novel...

AI score 6.9
Exploits 0

SUSE CVE
added 2025/05/17 2:54 a.m. (3 views)

SUSE CVE-2025-37890

In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc. As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfsc is assuming that...

CVSS 7, AI score 6.4, EPSS 0.00165
Exploits 0, References 87

OSV
added 2025/05/16 1:15 p.m. (3 views)

UBUNTU-CVE-2025-37890

In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc. As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfsc is assuming that...

CVSS 7.8, AI score 6.2, EPSS 0.00165
Exploits 0, References 39

OSV
added 2025/05/16 1:1 p.m. (6 views)

CVE-2025-37890 net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc

In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc. As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfsc is assuming that...

CVSS 7.8, AI score 6.1, EPSS 0.00165
Exploits 0, References 13

CNNVD
added 2025/05/14 12:0 a.m. (4 views)

Apache IoTDB JDBC driver log information disclosure vulnerability

The Apache IoTDB JDBC driver is a standard JDBC driver for the Apache IoTDB database from the Apache USA Foundation that supports Java applications interacting with IoTDB. A log information disclosure vulnerability exists in Apache IoTDB JDBC driver versions 0.10.0 through 1.3.3 and versions prio...

CVSS 7.5, AI score 5.8, EPSS 0.00684
Exploits 0, References 3

Packet Storm News
added 2025/05/09 12:0 a.m. (4 views)

LATENT: LLM-Augmented Trojan Insertion and Evaluation Framework for Analog Netlist Topologies

Analog and mixed-signal (A/MS) integrated circuits (ICs) are integral to safety-critical applications. However, the globalization and outsourcing of A/MS ICs to untrusted third-party foundries expose them to security threats, particularly analog Trojans. Unlike digital Trojans which have been...

AI score 6.8
Exploits 0