CVE-2025-43878

When running in Appliance mode, an authenticated attacker assigned the Administrator or Resource Administrator role may be able to bypass Appliance mode restrictions utilizing system diagnostics tcpdump command utility on a F5OS-C/A system. Note: Software versions which have reached End of...

DEBIAN-CVE-2025-46687

quickjs-ng through 0.9.0 has a missing length check in JSReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected...

Personal Management System 安全漏洞

Personal Management System is a web application for managing personal data by Dariusz Personal Developer. A security vulnerability exists in Personal Management System version 1.4.65, which stems from mishandling of the Create Note feature and could allow a remote attacker to obtain sensitive...

CVE-2025-3213

A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. This vulnerability affects unknown code of the file /view-note.php?noteid=11. The manipulation of the argument remark leads to sql injection. The attack can be initiated remotely. The exploit has been...

PHPGurukul e-Diary Management System 注入漏洞

The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a SQL injection vulnerability that originates from a missing validation of externally entered SQL statements in the parameter mark of the view-note.php file. An attacker can exploit...

PT-2025-14852 · Unknown · Phpgurukul E-Diary Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul e-Diary Management System version 1.0 Description: A critical vulnerability was found in the PHPGurukul e-Diary Management System, affecting unknown code in the file /view-note.php?noteid=11. The manipulation of the remark argument...

CVE-2025-21992

In the Linux kernel, the following vulnerability has been resolved: HID: ignore non-functional sensor in HP 5MP Camera The HP 5MP Camera USB ID 0408:5473 reports a HID sensor interface that is not actually implemented. Attempting to access this non-functional sensor via iioinfo causes system hang...

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.15.4 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

Directory Traversal

Overview aws-sam-cli is an AWS SAM CLI is a CLI tool for local development and testing of Serverless applications Affected versions of this package are vulnerable to Directory Traversal through the symlink handling process. After completing a build, the content of those symlinks is copied to the...

CGA-WQ7P-WH7Q-RQV5

Bulletin has no description...

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Amendment This was deemed not a vulnerability. Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the $ shell API due to improper neutralization of user input. An attacker can exploit this by...

Origin Validation Error

Overview agentscope is an AgentScope: A Flexible yet Robust Multi-Agent Platform. Affected versions of this package are vulnerable to Origin Validation Error due to the CORS configuration on the server. An attacker can access unauthorized data and disclose information by sending requests from...

Drupal 10.3.x < 10.3.14 / 10.4.x < 10.4.5 / 11.x < 11.0.13 / 11.1.x < 11.1.5 Drupal Vulnerability (SA-CORE-2025-004)

According to its self-reported version, the instance of Drupal running on the remote web server is 10.3.x prior to 10.3.14, 10.4.x prior to 10.4.5, 11.x prior to 11.0.13, or 11.1.x prior to 11.1.5. It is, therefore, affected by a vulnerability. - Improper Neutralization of Input During Web Page...

Linux Distros Unpatched Vulnerability : CVE-2017-9168

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input- bmp.c:353:25. CVE-2017-9168 Note that Nessus relies on t...

UBUNTU-CVE-2024-49570

In the Linux kernel, the following vulnerability has been resolved: drm/xe/tracing: Fix a potential TPprintk UAF The commit afd2627f727b "tracing: Check "%s" dereference via the field and not the TPprintk format" exposes potential UAFs in the xebomove trace event. Fix those by avoiding...

DEBIAN-CVE-2022-49107

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in cephreaddir when notelastdentry returns error Reset the lastreaddir at the same time, and add a comment explaining why we don't free lastreaddir when diremit returns false...

CVE-2022-49107 ceph: fix memory leak in ceph_readdir when note_last_dentry returns error

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in cephreaddir when notelastdentry returns error Reset the lastreaddir at the same time, and add a comment explaining why we don't free lastreaddir when diremit returns false...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the cephreaddir function not resetting lastreaddir when notelastdentry returns an error, which could lead to a...

WordPress Gift Cards plugin <= 4.4.9 - Missing Authorization to Unauthenticated Price, Date, and Note Updates vulnerability

Missing Authorization to Unauthenticated Price, Date, and Note Updates vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin Gift Vouchers versions = 4.4.9...

PT-2025-7782 · Red Os · Red Os

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns permission checks in Feedback activities, where restrictions related to Separate Groups mode were not properly considered before allowing users to view or delete responses...