54816 matches found
PT-2025-51596
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the Integrity Measurement Architecture IMA. When both IMA and Extended Verification Module EVM are in fix mode, the IMA signature can be reset...
PT-2025-51354
Name of the Vulnerable Software and Affected Versions Fickling versions prior to 0.1.6 Description Fickling, a Python pickling decompiler and static analyzer, lacks marshal and types in its list of blocked unsafe module imports. This allows attackers to create malicious pickle files that bypass...
PT-2025-51355
Name of the Vulnerable Software and Affected Versions Fickling versions prior to 0.1.6 Description Fickling, a Python pickling decompiler and static analyzer, contained a bypass related to missing unsafe module imports. Specifically, the pty module was not included in the block list, leading to...
PT-2025-51767
Name of the Vulnerable Software and Affected Versions Volosoft ABP Framework versions 5.1.0 through 9.9.9-rc.2 Description An open redirect issue exists within the Account module. Insufficient validation of the returnUrl parameter in the register function enables an attacker to redirect users to...
ROS-20251216-7319
Vulnerability in VirtualBox-kmod related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...
CVE-2025-65581
The CVE-2025-65581 entry documents an open redirect in Volosoft ABP Framework’s Account module, affecting versions 5.1.0 up to but not including 10.0.0-rc.2. The root cause is improper validation of the returnUrl parameter in the register function, allowing redirects to arbitrary external domains...
Fickling 代码问题漏洞
Fickling is an open source decompiler and static analyzer for Python by Trail of Bits. A code issue vulnerability exists in versions of Fickling prior to 0.1.6, which stems from a lack of security checks in the marshal and types modules and could lead to the execution of arbitrary code...
PT-2025-51629
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Disable trampoline for kernel module function trace The current LoongArch BPF trampoline implementation is incompatible with tracing functions in kernel modules. This causes several severe and user-visible problem...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the lack of condresched in ftracemoduleenable, which could lead to a soft lockup...
Linux Distros Unpatched Vulnerability : CVE-2025-68262
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: zstd - fix double-free in per-CPU stream cleanup The crypto/zstd module has a double-free bug that occurs when multiple tfms are allocated and freed. Th...
Linux Distros Unpatched Vulnerability : CVE-2025-68173
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ftrace: Fix softlockup in ftracemoduleenable A soft lockup was observed when loading amdgpu module. If a module has a lot of tracable functions, multiple calls ...
PT-2025-51675
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The crypto/zstd module contains a flaw where per-CPU streams can be freed multiple times, leading to a double-free issue. This occurs when multiple transform contexts tfms are allocated...
📄 1C-Bitrix 25.100.500 Remote Code Execution
1C-Bitrix versions 25.100.500 and below have a vulnerability that is located within the Translate Module, which allows users to upload and extract archive files into a temporary directory. However, the application fails to properly verify the contents of these archives before extracting them. Thi...
CVE-2025-14731 CTCMS Content Management System Frontend/Template Management CT_Parser.php special elements used in a template engine
A weakness has been identified in CTCMS Content Management System up to 2.1.2. This affects an unknown function in the library /ctcms/apps/libraries/CTParser.php of the component Frontend/Template Management Module. This manipulation causes improper neutralization of special elements used in a...
CVE-2025-14729
A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/CtApp.php of the component Backend App Configuration Module. The manipulation of the argument CTAppPaytype leads to code injection. Remote exploitation ...
CVE-2025-14730
A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/CtConfig.php of the component Backend System Configuration Module. The manipulation of the argument CjAdd/CjEdit results in code injection. Th...
CVE-2025-14729
A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/CtApp.php of the component Backend App Configuration Module. The manipulation of the argument CTAppPaytype leads to code injection. Remote exploitation ...
CVE-2025-14729 CTCMS Content Management System Backend App Configuration Ct_App.php save code injection
A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/CtApp.php of the component Backend App Configuration Module. The manipulation of the argument CTAppPaytype leads to code injection. Remote exploitation ...
GO-2025-4212 ZITADEL Vulnerable to Account Takeover Due to Improper Instance Validation in V2 Login in github.com/zitadel/zitadel
ZITADEL Vulnerable to Account Takeover Due to Improper Instance Validation in V2 Login in github.com/zitadel/zitadel. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive...
EUVD-2024-55355
FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module...