7666 matches found

Tenable Nessus
added 2025/09/25 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-9905

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Keras Model.load_model method can be exploited to achieve arbitrary code execution, even with safe_mode=True. One can create a specially crafted .h5/.hdf5 mod...

CVSS 7.3 | AI score 7.8 | EPSS 0.00008
Exploits: 1 | References: 3

Tenable Nessus
added 2025/09/25 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-50376

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - orangefs: Fix kmemleak in orangefskernel,clientdebuginit When insert and remove the orangefs module, there are memory leaked as below: unreferenced object...

CVSS 5.5 | AI score 6.2 | EPSS 0.00021
Exploits: 0 | References: 2

RedhatCVE
added 2025/09/24 6:31 p.m. | 3 views

CVE-2025-59582

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Darren Cooney Ajax Load More ajax-load-more allows Retrieve Embedded Sensitive Data. This issue affects Ajax Load More: from n/a through <= 7.6.0.2...

CVSS 5.3 | AI score 5.9 | EPSS 0.00559
Exploits: 0 | References: 1

NVD
added 2025/09/24 5:15 p.m. | 1 view

CVE-2025-56816

Datart 1.0.0-rc.3 is vulnerable to Directory Traversal. The configuration file handling of the application allows attackers to upload arbitrary YAML files to the config/jdbc-driver-ext.yml path. The application parses this file using SnakeYAML's unsafe load or loadAs method without input...

CVSS 8.8 | EPSS 0.02256
Exploits: 2 | References: 2

CVE
added 2025/09/24 1:2 p.m. | 19 views

CVE-2025-10906

CVE-2025-10906 affects Magnetism Studios Endurance on macOS (versions up to 3.3.0). The vulnerability lies in the NSXPC Interface, specifically loadModuleNamed:WithReply in /Applications/Endurance.app/Contents/Library/LaunchServices/com.MagnetismStudios.endurance.helper, enabling local manipulati...

CVSS 8.6 | AI score 6.1 | EPSS 0.00027
Exploits: 0 | References: 5

Vulnrichment
added 2025/09/24 1:2 p.m. | 1 view

CVE-2025-10906 Magnetism Studios Endurance NSXPC com.MagnetismStudios.endurance.helper loadModuleNamed:WithReply missing authentication

A flaw has been found in Magnetism Studios Endurance up to 3.3.0 on macOS. This affects the function loadModuleNamed:WithReply of the file /Applications/Endurance.app/Contents/Library/LaunchServices/com.MagnetismStudios.endurance.helper of the component NSXPC Interface. Executing manipulation can...

CVSS 8.6 | AI score 6.1 | EPSS 0.00027
Exploits: 0 | References: 5

CVE
added 2025/09/24 12:0 a.m. | 17 views

CVE-2025-56816

Datart 1.0.0-rc.3 is vulnerable to Directory Traversal via uploading YAML to config/jdbc-driver-ext.yml, parsed with SnakeYAML unsafe load/loadAs. This allows attacker-controlled YAML deserialization, potentially enabling remote code execution (RCE) under certain conditions. Exploitation details ...

CVSS 8.8 | AI score 8.1 | EPSS 0.02256
Exploits: 2 | References: 2 | Affected Software: 1

Cvelist
added 2025/09/24 12:0 a.m. | 7 views

CVE-2025-56816

Datart 1.0.0-rc.3 is vulnerable to Directory Traversal. The configuration file handling of the application allows attackers to upload arbitrary YAML files to the config/jdbc-driver-ext.yml path. The application parses this file using SnakeYAML's unsafe load or loadAs method without input...

EPSS 0.02256
Exploits: 2 | References: 2

SUSE CVE
added 2025/09/22 11:40 p.m. | 1 view

SUSE CVE-2023-53425

In the Linux kernel, the following vulnerability has been resolved: media: platform: mediatek: vpu: fix NULL ptr dereference If pdev is NULL, then it is still dereferenced. This fixes this smatch warning: drivers/media/platform/mediatek/vpu/mtkvpu.c:570 vpuloadfirmware warn: address of NULL point...

CVSS 5.5 | AI score 6.5 | EPSS 0.00017
Exploits: 0 | References: 15

SUSE CVE
added 2025/09/22 11:29 p.m. | 1 view

SUSE CVE-2025-7345

A flaw exists in gdk-pixbuf within the gdkpixbufjpegimageloadincrement function io-jpeg.c and in glib's gbase64encodestep glib/gbase64.c. When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...

CVSS 7.8 | AI score 8.1 | EPSS 0.00938
Exploits: 0 | References: 14

NVD
added 2025/09/22 7:16 p.m. | 2 views

CVE-2025-59582

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Darren Cooney Ajax Load More ajax-load-more allows Retrieve Embedded Sensitive Data. This issue affects Ajax Load More: from n/a through <= 7.6.0.2...

CVSS 5.3 | EPSS 0.00559
Exploits: 0 | References: 1

Cvelist
added 2025/09/22 6:25 p.m. | 9 views

CVE-2025-59582 WordPress Ajax Load More Plugin <= 7.6.0.2 - Sensitive Data Exposure Vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Darren Cooney Ajax Load More ajax-load-more allows Retrieve Embedded Sensitive Data. This issue affects Ajax Load More: from n/a through <= 7.6.0.2...

CVSS 5.3 | EPSS 0.00559
Exploits: 0 | References: 1

CVE
added 2025/09/22 6:25 p.m. | 12 views

CVE-2025-59582

CVE-2025-59582 concerns Ajax Load More (WordPress plugin). The issue is an exposed sensitive data vulnerability where an unauthorized actor could retrieve embedded sensitive data due to insufficient access control in the plugin’s Ajax handling. Affected range stated as from n/a through

CVSS 5.3 | AI score 5.9 | EPSS 0.00559
Exploits: 0 | References: 1

Vulnrichment
added 2025/09/22 6:25 p.m. | 2 views

CVE-2025-59582 WordPress Ajax Load More Plugin <= 7.6.0.2 - Sensitive Data Exposure Vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Darren Cooney Ajax Load More allows Retrieve Embedded Sensitive Data. This issue affects Ajax Load More: from n/a through 7.6.0.2...

CVSS 5.3 | AI score 6.5 | EPSS 0.00559
Exploits: 0 | References: 1

Patchstack
added 2025/09/22 6:25 p.m. | 4 views

WordPress Ajax Load More Plugin <= 7.6.0.2 - Sensitive Data Exposure Vulnerability

Sensitive Data Exposure Vulnerability discovered by MD ISMAIL in WordPress Plugin Ajax Load More versions <= 7.6.0.2...

CVSS 5.3 | AI score 6.8 | EPSS 0.00559
Exploits: 0 | Affected Software: 1

CNNVD
added 2025/09/22 12:0 a.m. | 2 views

WordPress plugin Ajax Load More security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers. WordPress...

CVSS 5.3 | AI score 5.8 | EPSS 0.00559
Exploits: 0 | References: 1

Positive Technologies
added 2025/09/22 12:0 a.m. | 3 views

PT-2025-39052

Name of the Vulnerable Software and Affected Versions: Darren Cooney Ajax Load More versions through 7.6.0.2. Description: A flaw exists in Darren Cooney Ajax Load More that allows for the retrieval of embedded sensitive data, potentially exposing sensitive system information to an unauthorized...

CVSS 5.3 | AI score 5.8 | EPSS 0.00559
Exploits: 0 | References: 6

Microsoft CVE
added 2025/09/20 8:3 a.m. | 2 views

Arbitrary Code execution in Keras load_model()

...

CVSS 7.3 | AI score 7 | EPSS 0.00008
Exploits: 1

OSV
added 2025/09/20 12:18 a.m. | 3 views

OSV-2025-766 Heap-buffer-overflow in Open

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=446027676 Crash type: Heap-buffer-overflow READ 4 Crash state: Open demuxProbe vlcmoduleload...

AI score 6.9
Exploits: 0 | References: 1

Tenable Nessus
added 2025/09/20 12:0 a.m. | 1 view

Linux Distros Unpatched Vulnerability : CVE-2023-53278

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in ubifssysfsinit When insmod ubifs.ko, a kmemleak reported as below:...

CVSS 5.5 | AI score 5.2 | EPSS 0.00017
Exploits: 0 | References: 2