
54816 matches found

Positive Technologies
added 2025/12/16 12:0 a.m. | 2 views

PT-2025-51596

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw related to the Integrity Measurement Architecture (IMA). When both IMA and Extended Verification Module (EVM) are in fix mode, the IMA signature can be reset...

AI score: 5.8 | EPSS: 0.00168
Exploits: 0

Positive Technologies
added 2025/12/16 12:0 a.m. | 4 views

PT-2025-51354

Name of the Vulnerable Software and Affected Versions: Fickling versions prior to 0.1.6. Description: Fickling, a Python pickling decompiler and static analyzer, lacks marshal and types in its list of blocked unsafe module imports. This allows attackers to create malicious pickle files that bypass...

CVSS: 8.5 | AI score: 7.4 | EPSS: 0.00237
Exploits: 1 | References: 8

Positive Technologies
added 2025/12/16 12:0 a.m. | 9 views

PT-2025-51355

Name of the Vulnerable Software and Affected Versions: Fickling versions prior to 0.1.6. Description: Fickling, a Python pickling decompiler and static analyzer, contained a bypass related to missing unsafe module imports. Specifically, the pty module was not included in the block list, leading to...

CVSS: 8.5 | AI score: 6.4 | EPSS: 0.00235
Exploits: 1 | References: 7

Positive Technologies
added 2025/12/16 12:0 a.m. | 6 views

PT-2025-51767

Name of the Vulnerable Software and Affected Versions: Volosoft ABP Framework versions 5.1.0 through 9.9.9-rc.2. Description: An open redirect issue exists within the Account module. Insufficient validation of the returnUrl parameter in the register function enables an attacker to redirect users to...

CVSS: 5.3 | AI score: 6.5 | EPSS: 0.00239
Exploits: 0 | References: 5

Redos
added 2025/12/16 12:0 a.m. | 5 views

ROS-20251216-7319

Vulnerability in VirtualBox-kmod related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...

CVSS: 6.5 | AI score: 7.1 | EPSS: 0.00176
Exploits: 0

CVE
added 2025/12/16 12:0 a.m. | 21 views

CVE-2025-65581

The CVE-2025-65581 entry documents an open redirect in Volosoft ABP Framework’s Account module, affecting versions 5.1.0 up to but not including 10.0.0-rc.2. The root cause is improper validation of the returnUrl parameter in the register function, allowing redirects to arbitrary external domains...

CVSS: 5.3 | AI score: 6.5 | EPSS: 0.00239
Exploits: 0 | References: 2 | Affected Software: 1

CNNVD
added 2025/12/16 12:0 a.m. | 4 views

Fickling code issue vulnerability

Fickling is an open source decompiler and static analyzer for Python by Trail of Bits. A code issue vulnerability exists in versions of Fickling prior to 0.1.6, which stems from a lack of security checks in the marshal and types modules and could lead to the execution of arbitrary code...

CVSS: 8.5 | AI score: 6.9 | EPSS: 0.00237
Exploits: 1 | References: 5

Positive Technologies
added 2025/12/16 12:0 a.m. | 4 views

PT-2025-51629

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Disable trampoline for kernel module function trace The current LoongArch BPF trampoline implementation is incompatible with tracing functions in kernel modules. This causes several severe and user-visible problem...

AI score: 6.3 | EPSS: 0.00155
Exploits: 0 | References: 3

CNNVD
added 2025/12/16 12:0 a.m. | 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the lack of cond_resched in ftrace_module_enable, which could lead to a soft lockup...

AI score: 6.1 | EPSS: 0.00168
Exploits: 0 | References: 5

Tenable Nessus
added 2025/12/16 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2025-68262

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: zstd - fix double-free in per-CPU stream cleanup The crypto/zstd module has a double-free bug that occurs when multiple tfms are allocated and freed. Th...

AI score: 5.7 | EPSS: 0.00169
Exploits: 0 | References: 3

Tenable Nessus
added 2025/12/16 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-68173

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ftrace: Fix softlockup in ftrace_module_enable A soft lockup was observed when loading amdgpu module. If a module has a lot of traceable functions, multiple calls ...

AI score: 6.1 | EPSS: 0.00168
Exploits: 0 | References: 4

Positive Technologies
added 2025/12/16 12:0 a.m. | 5 views

PT-2025-51675

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The crypto/zstd module contains a flaw where per-CPU streams can be freed multiple times, leading to a double-free issue. This occurs when multiple transform contexts (tfms) are allocated...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.00378
Exploits: 7 | References: 414

Packet Storm
added 2025/12/16 12:0 a.m. | 674 views

1C-Bitrix 25.100.500 Remote Code Execution

1C-Bitrix versions 25.100.500 and below have a vulnerability that is located within the Translate Module, which allows users to upload and extract archive files into a temporary directory. However, the application fails to properly verify the contents of these archives before extracting them. Thi...

AI score: 7.7 | EPSS: 0.01549
Exploits: 4

Cvelist
added 2025/12/15 11:32 p.m. | 29 views

CVE-2025-14731 CTCMS Content Management System Frontend/Template Management CT_Parser.php special elements used in a template engine

A weakness has been identified in CTCMS Content Management System up to 2.1.2. This affects an unknown function in the library /ctcms/apps/libraries/CTParser.php of the component Frontend/Template Management Module. This manipulation causes improper neutralization of special elements used in a...

CVSS: 6.5 | EPSS: 0.00378
Exploits: 1 | References: 6

NVD
added 2025/12/15 11:15 p.m. | 7 views

CVE-2025-14729

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/CtApp.php of the component Backend App Configuration Module. The manipulation of the argument CTAppPaytype leads to code injection. Remote exploitation ...

CVSS: 7.2 | EPSS: 0.00386
Exploits: 1 | References: 4

OSV
added 2025/12/15 11:15 p.m. | 4 views

CVE-2025-14730

A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/CtConfig.php of the component Backend System Configuration Module. The manipulation of the argument CjAdd/CjEdit results in code injection. Th...

CVSS: 7.2 | AI score: 5.6 | EPSS: 0.00386
Exploits: 1 | References: 4

OSV
added 2025/12/15 11:15 p.m. | 7 views

CVE-2025-14729

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/CtApp.php of the component Backend App Configuration Module. The manipulation of the argument CTAppPaytype leads to code injection. Remote exploitation ...

CVSS: 7.2 | AI score: 5.5 | EPSS: 0.00386
Exploits: 1 | References: 4

Cvelist
added 2025/12/15 11:2 p.m. | 22 views

CVE-2025-14729 CTCMS Content Management System Backend App Configuration Ct_App.php save code injection

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/CtApp.php of the component Backend App Configuration Module. The manipulation of the argument CTAppPaytype leads to code injection. Remote exploitation ...

CVSS: 5.8 | EPSS: 0.00386
Exploits: 1 | References: 4

OSV
added 2025/12/15 7:37 p.m. | 6 views

GO-2025-4212 ZITADEL Vulnerable to Account Takeover Due to Improper Instance Validation in V2 Login in github.com/zitadel/zitadel

ZITADEL Vulnerable to Account Takeover Due to Improper Instance Validation in V2 Login in github.com/zitadel/zitadel. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive...

CVSS: 9.3 | AI score: 6.7 | EPSS: 0.00322
Exploits: 0 | References: 2

EUVD
added 2025/12/15 6:30 p.m. | 4 views

EUVD-2024-55355

FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module...

CVSS: 8.8 | AI score: 6.8 | EPSS: 0.0035
Exploits: 0 | References: 3