CVE-2025-7124

A vulnerability classified as critical has been found in code-projects Online Note Sharing 1.0. Affected is an unknown function of the file /dashboard/userprofile.php of the component Profile Image Handler. The manipulation of the argument image leads to unrestricted upload. It is possible to...

CVE-2025-7124

A vulnerability classified as critical has been found in code-projects Online Note Sharing 1.0. Affected is an unknown function of the file /dashboard/userprofile.php of the component Profile Image Handler. The manipulation of the argument image leads to unrestricted upload. It is possible to...

CVE-2025-7124

CVE-2025-7124 affects code-projects Online Note Sharing 1.0, specifically the Profile Image Handler’s /dashboard/userprofile.php. The vulnerability arises from improper handling of the image parameter, enabling unrestricted file uploads. Reported as exploitable remotely, with exploit activity dis...

UBUNTU-CVE-2025-49809

mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTRPACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries...

SUSE CVE-2025-38084

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: unshare page tables during VMA split, not before Currently, splitvma triggers hugetlb page table unsharing through vmops-maysplit. This happens before the VMA lock and rmap locks are taken - which is too early, it...

AZL-64377 CVE-2025-38084 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: unshare page tables during VMA split, not before Currently, splitvma triggers hugetlb page table unsharing through vmops-maysplit. This happens before the VMA lock and rmap locks are taken - which is too early, it...

CVE-2025-6425

An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. This vulnerability was fixed in Firefox 140, Firefox ESR 115.25, Firefox ESR...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the hashmapsetwithhash function in the gumbo-parser/src/hashmap.c file. An attacker can cause a crash or disrupt service by providing crafted input. Note: According to the maintainer of the package the cod...

AZL-64278 CVE-2025-6269 affecting package hdf5 for versions less than 1.14.6-1

A vulnerability classified as critical was found in HDF5 up to 1.14.6. Affected by this vulnerability is the function H5Creconstructcacheentry of the file H5Cimage.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...

com.farao-community.farao:csa-runner-api (>=1.2.1 <=2.6.1), com.farao-community.farao:csa-runner-app (>=0.0.1 <=2.6.1) +345 more potentially affected by CVE-2025-47293 via com.powsybl:powsybl-commons (>=1.0.0 <=6.7.1)

com.powsybl:powsybl-commons MAVEN version =1.0.0, =1.2.1, =0.0.1, =4.1.4, =1.0.0, =3.9.3, =1.0.0, =3.7.1, =2.0.0, =3.0.0, =2.4.1, =3.9.0, =4.5.0, =3.3.3, =3.6.0, =5.0.0 and more Source cves: CVE-2025-47293 Source advisory: OSV:GHSA-QPJ9-QCWX-8JV2...

Malicious code in test_for_ntu_note_2 (npm)

The package communicates with a domain associated with malicious activity...

RHSA-2025:9185

creationtimestamp| type| source ---|---|--- 2025-06-17 14:39:59+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18594...

CVE-2025-48911

Vulnerability of improper permission assignment in the note sharing module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-48911

Vulnerability of improper permission assignment in the note sharing module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-48911

Vulnerability of improper permission assignment in the note sharing module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-48911

Vulnerability of improper permission assignment in the note sharing module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-48911

CVE-2025-48911 is associated with Huawei/HarmonyOS and is described as a vulnerability in the note sharing module caused by improper permission assignments. Multiple sources (NVD, RH, CNVD/CNNVD) consistently indicate the issue impacts HarmonyOS 5.0.0 and may affect availability if exploited, wit...

CVE-2025-48911

Vulnerability of improper permission assignment in the note sharing module Impact: Successful exploitation of this vulnerability may affect availability...

PT-2025-24030 · Huawei · Harmonyos

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns a vulnerability of improper permission assignment in the note sharing module. Successful exploitation of this vulnerability may affect availability. Recommendations: At th...

DEBIAN-CVE-2025-4517

Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or TarFile.extract using the filter= parameter with a value of...