CVE-2026-46131

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: check for nEPT/nNPT in slow flush hypercalls Checking isguestmodevcpu is incorrect, because translatenestedgpa is only valid if an L2 guest is running with nested EPT/NPT enabled. Instead use the same condition as...

CVE-2025-68186

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not warn in ringbuffermapgetreader when reader catches up The function ringbuffermapgetreader is a bit more strict than the other get reader functions, and except for certain situations the rbgetreaderpage should...

CVE-2025-68186 ring-buffer: Do not warn in ring_buffer_map_get_reader() when reader catches up

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not warn in ringbuffermapgetreader when reader catches up The function ringbuffermapgetreader is a bit more strict than the other get reader functions, and except for certain situations the rbgetreaderpage should...

EUVD-2018-8529

Malware in sbrugna...

EUVD-2018-12705

Malware in sbrugna...

EUVD-2018-8057

Malware in sbrugna...

EUVD-2018-2197

Malware in sbrugna...

EUVD-2021-28057

Malicious code in bioql PyPI...

EUVD-2022-6330

Malicious code in bioql PyPI...

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2025-2128)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for...

Linux Distros Unpatched Vulnerability : CVE-2023-49086

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database TSDB. A vulnerability in versions prior to 1.2.2...

Ghostscript: NPDL device: Compression buffer overflow

A flaw was found in Artifex Ghostscript. The NPDL device has a compression buffer overflow for contrib/japanese/gdevnpdl.c...

CVE-2021-40555

Cross site scripting XSS vulnerability in flatCore-CMS 2.2.15 allows attackers to execute arbitrary code via description field on the new page creation form...

CVE-2020-35305

Cross site scripting XSS in gollum 5.0 to 5.1.2 via the filename parameter to the 'New Page' dialog...

CVE-2018-16639

Typesetter 5.1 allows XSS via the index.php/Admin LABEL parameter during new page creation...

CVE-2012-1901

Multiple cross-site request forgery CSRF vulnerabilities in FlexCMS 3.2.1 and earlier allow remote attackers to 1 hijack the authentication of users for requests that change account settings via a request to index.php/profile-edit-save or 2 hijack the authentication of administrators for requests...

Quick CMS 6.7 Shell Upload Vulnerability

Title : Authenticated Shell Upload Product : Quick CMS Vendor : https://opensolution.org/ Affected Version : 6.7 Researcher : Eagle Eye Tested on : Window & Linux Report : Already contact the vendor but no response Affected path : admin.php , core/common-admin.php, database/config.php Affected...

WordPress Plugin Post Form Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

UBUNTU-CVE-2023-49086

Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database TSDB. A vulnerability in versions prior to 1.2.27 bypasses an earlier fix for CVE-2023-39360, therefore leading to a DOM XSS attack. Exploitation of the vulnerability is possible for an...

PT-2023-16729 · Sourcecodester · Sourcecodester Doctors Appointment System

Name of the Vulnerable Software and Affected Versions: SourceCodester Doctors Appointment System version 1.0 Description: A critical issue was found in the Parameter Handler component of the file /admin/add-new.php, where the manipulation of the email argument leads to sql injection. This issue c...