11 matches found
GHSA-VG22-4GMJ-PRXW PraisonAI's unauthenticated A2A official example can reach real LLM-driven `eval()` tool execution
Summary The first-party PraisonAI A2A server example combines three behaviors into a remotely exploitable Critical chain: 1. The example exposes an A2A server without configuring authtoken. 2. The same example binds the server to 0.0.0.0. 3. The example registers a calculateexpression tool...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005556)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005556 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcm_sendmsg() for the same socket. syzkaller reported UAF in kcm_release(). [0] The scenar...
CVE-2019-25262
Summary of CVE-2019-25262: In the Razgover project by elinicksic, the vulnerability affects the file Chattify/send.php within the Chat Message Handler. The issue arises from improper manipulation of the msg argument, enabling cross-site scripting (XSS). The threat is described as remote and possi...
EUVD-2025-23150
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-23142
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - sctp: detect and prevent references to a freed transport in sendmsg. sctp_sendmsg() re-uses associations and transports when possible by doing a lookup based on the...
AZL-59760 CVE-2025-21947 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipc_msg_send_request. req->handle is allocated using ksmbd_acquire_id(&ipc_ida), based on ida_alloc. req->handle from ksmbd_ipc_login_request and FSCTL_PIPE_TRANSCEIVE ioctl can be same and ...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a race condition in ipc_msg_send_request leading to type confusion...
PT-2022-34934 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.6 Description: The issue is related to a NULL pointer dereference in the io_msg_send_fd function. This problem was introduced in version v6.0 and is fixed in version v6.0.6. The actual impact and attack...
CVE-2018-14926
Matera Banco 1.0.0 allows CSRF, as demonstrated by a /contingency/web/messageSend/messageSendHandler.jsp request...
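kppw latest version front-end SQL injection
Brief description: I have been this thorough, so please give me a corresponding rank. Detailed description: Counting the related functions, there were originally many more, but I did not look for them all myself. I tested the UTF version; your GBK version has already blown up because of this issue, so I hope you review it carefully. Below I use the file control\user\messagesend.php as an example; other files I found with the same problem are message.php and yijia.php setUid $gUid ; $objMsgM-setUsername $username ; $objMsgM-setTouid $arrSpaceInfo 'uid' ; $objMsgM-setTousername $arrSpaceInfo...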
Insky CMS 006-0111 - Multiple Remote File Inclusions
Insky CMS v006-0111 Multiple Remote File Include Vulnerability Script: http://code.google.com/p/insky/downloads/list Author: mat Mail: [email protected]...