479 matches found
CVE-2022-0004
Hardware debug modes and processor INIT setting that allow override of locks for some IntelR Processors in IntelR Boot Guard and IntelR TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access...
Cross-site Scripting (XSS)
Overview @remix-run/router is a Nested/Data-driven/Framework-agnostic Routing Affected versions of this package are vulnerable to Cross-site Scripting XSS in the navigation redirect process for loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes. An attacker can execute...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the navigation redirect process for loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes. An attacker can execute arbitrary JavaScript code in the context of the user's browser by...
PT-2026-6140
Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.19.0-rc5-00154-g76ec646abdf7-dirty through 6.19.0-rc5-00154-g76ec646abdf7-dirty Description The Linux kernel contains a flaw related to insufficient checks for firmware data fwdata in the Octeontx2-af driver...
EUVD-2025-204305
An authentication bypass vulnerability exists in AnythingLLM v1.8.5 in via the /api/workspaces endpoint. The endpoint fails to implement proper authentication checks, allowing unauthenticated remote attackers to enumerate and retrieve detailed information about all configured workspaces. Exposed...
CVE-2025-63390
An authentication bypass vulnerability exists in AnythingLLM v1.8.5 in via the /api/workspaces endpoint. The endpoint fails to implement proper authentication checks, allowing unauthenticated remote attackers to enumerate and retrieve detailed information about all configured workspaces. Exposed...
PT-2025-52256
Name of the Vulnerable Software and Affected Versions AnythingLLM version 1.8.5 Description An authentication bypass allows unauthenticated remote attackers to enumerate and retrieve detailed information about all configured workspaces. The issue is due to missing authentication checks in the...
CVE-2025-63390
An authentication bypass vulnerability exists in AnythingLLM v1.8.5 in via the /api/workspaces endpoint. The endpoint fails to implement proper authentication checks, allowing unauthenticated remote attackers to enumerate and retrieve detailed information about all configured workspaces. Exposed...
DEBIAN-CVE-2023-53798
In the Linux kernel, the following vulnerability has been resolved: ethtool: Fix uninitialized number of lanes It is not possible to set the number of lanes when setting link modes using the legacy IOCTL ethtool interface. Since 'struct ethtoollinkksettings' is not initialized in this path, drive...
CVE-2023-53798
CVE-2023-53798 affects the Linux kernel’s ethtool path for setting link modes via the legacy IOCTL interface. The root cause is an uninitialized struct ethtool_link_ksettings in the IOCTL/set_link_ksettings path, causing the lanes field to be read as uninitialized memory, which can influence driv...
CVE-2023-53798
In the Linux kernel, the following vulnerability has been resolved: ethtool: Fix uninitialized number of lanes It is not possible to set the number of lanes when setting link modes using the legacy IOCTL ethtool interface. Since 'struct ethtoollinkksettings' is not initialized in this path, drive...
CVE-2023-53798 ethtool: Fix uninitialized number of lanes
In the Linux kernel, the following vulnerability has been resolved: ethtool: Fix uninitialized number of lanes It is not possible to set the number of lanes when setting link modes using the legacy IOCTL ethtool interface. Since 'struct ethtoollinkksettings' is not initialized in this path, drive...
CVE-2025-40313 ntfs3: pretend $Extend records as regular files
In the Linux kernel, the following vulnerability has been resolved: ntfs3: pretend $Extend records as regular files Since commit af153bb63a33 "vfs: catch invalid modes in mayopen" requires any inode be one of SIFDIR/SIFLNK/SIFREG/SIFCHR/SIFBLK/ SIFIFO/SIFSOCK type, use SIFREG for $Extend records...
Exploit for Deserialization of Untrusted Data in Facebook React
Next.js/React RSC Scanner & Exploit - RCE...
📄 Django 5.1.13 SQL Injection
Django version 5.1.13 suffers from a remote SQL injection vulnerability. Exploit Title: Django 5.1.13 - SQL Injection Google Dork: none Not applicable for this vulnerability Date: 2025-12-03 Exploit Author: Wafcontrol Security Team Vendor Homepage: https://www.djangoproject.com/ Software Link:...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990415)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990415 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/exynos/vidi: fix memory leak in .getmodes The duplicated EDID is never freed. Fix it. Tenable...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990635)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990635 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17tvgetldmodes In nv17tvgetldmodes, the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990571)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990571 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17tvgethdmodes In nv17tvgethdmodes, the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988853)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988853 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/panel: fix a possible null pointer dereference In versatilepanelgetmodes, the return value of...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990198)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990198 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17tvgetldmodes In nv17tvgetldmodes, the...