CVE-2025-71136 media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status()

In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842cplogstatus It's possible for cpread and hdmiread to return -EIO. Those values are further used as indexes for accessing arrays. Fix that by checking return...

SUSE CVE-2023-54300

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9kwmictrlrx For the reasons also described in commit b383e8abed41 "wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg", ath9khtcrxmsg should validate pktlen before accessing...

CLSA-2025-1744301726 libgcrypt: Fix of CVE-2024-2236

Synced to upstream plus ASN.1 patch - Tested on AlmaLinux 9.5 - Fix CVE-2024-2236 RHEL-34579...

AZL-60324 CVE-2025-21964 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided mount parameter acregmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from seconds to jiffies...

CVE-2024-41006

CVE-2024-41006 : Linux kernel vulnerability where a memory leak in nr_heartbeat_expiry() could occur due to the sock_hold() logic. The fix removes sock_hold() for non-listening sockets and retains it only for listening sockets, addressing a syzkaller-reported leak in nr_create(). The linked advis...

SUSE CVE-2024-38622

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add callback function pointer check before its call In dpucoreirqcallbackhandler callback function pointer is compared to NULL, but then callback function is unconditionally called by this pointer. Fix this bug by...

College Website Management System 1.0 SQL Injection

Exploit Title: College Website Management System 1.0 - SQL Injection Date: 12/03/2022 Exploit Author: Mr Empy Software Link: https://www.sourcecodester.com/php/15203/college-website-content-management-system-phpoop-free-source-code.html Version: 1.0 Tested on: Linux Title: ================ Colleg...

WordPress Postie 1.9.40 Cross Site Scripting

Exploit Title: WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/plugins/postie/readme.txt Date: 2020-01-15 Exploit Author: V1n1v131r4 Vendor Homepage: https://postieplugin.com/ Software Link: https://wordpress.org/plugins/postie/developers Version:...

WordPress Quizlord 2.0 Cross Site Scripting

Exploit Title: WordPress Plugin Quizlord 2.0 - Cross-Site Scripting Date: 2018-08-29 Exploit Author: Renos Nikolaou Software Link: https://downloads.wordpress.org/plugin/quizlord.zip Version: 2.0 Tested on: Kali Linux CVE: N/A Description : Quizlord is prone to Stored Cross Site Scripting...

Aptgp.1.3.0c - Cross-Site Scripting

======================================================================================== | Title : Aptgp.v1.3.0c Cross Site Scripting Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | Web Site :...

APHP ImgList 1.2.2 Cross Site Scripting Vulnerability

No description provided by source. ======================================================================================== | Title : APHP ImgList 1.2.2 Cross Site Scripting Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi -...

Apache 2.0.(39|40) DOS (PHP!)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -==--==--==- I put PHP in the title so I know this message will reach the "sekur1ty c0mmun1ty", that knows that PHP is bad, because it's easy to write insecure applications, unlike C. - -==--==--==- Problem: o Apache 2.0 .39 and .40 tested on Linuxx...