3072 matches found
Malicious Package
Overview @m0ntana/app.web is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
CVE-2026-7709
creationtimestamp| type| source ---|---|--- 2026-05-04 00:53:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mkyhi6bccn2k...
Note Mark 授权问题漏洞
Note Mark is a web-based Markdown note-taking application developed by Leo Spratt. Version 0.19.2 of Note Mark contains an authorization vulnerability. This vulnerability stems from the IsPasswordMatch function falling back to a hardcoded bcrypt empty password placeholder, allowing unauthenticate...
PT-2026-36859
Name of the Vulnerable Software and Affected Versions Notesnook Web/Desktop versions prior to 3.3.15 Notesnook iOS/Android versions prior to 3.3.20 Description A stored Cross-Site Scripting XSS issue exists in the note export flow. The problem occurs because exported note fields, including title,...
Notesnook 跨站脚本漏洞
Notesnook is an end-to-end encrypted note application developed by Streetwriters. Versions of Notesnook for Web/Desktop prior to 3.3.15, as well as versions for iOS/Android prior to 3.3.20, had a cross-site scripting vulnerability. This vulnerability stemmed from the lack of HTML escaping for...
Note Mark 授权问题漏洞
Note Mark is a web-based Markdown note-taking application developed by Leo Spratt. Versions of Note Mark prior to 0.19.3 had an authorization issue vulnerability. This vulnerability stemmed from the fact that notes and uploaded assets could still be accessed after public books were soft-deleted,...
Astra Linux - уязвимость в linux
There is an information disclosure vulnerability in the ARM SIGPAGE functionality of the Linux Kernel v5.4.66 and v5.4.54. The latest version 5.11-rc4 appears to still be vulnerable. A userland application can read the contents of the sigpage, which may lead to the exposure of kernel memory...
CVE-2026-44522
creationtimestamp| type| source ---|---|--- 2026-05-02 14:27:54+00:00| published-proof-of-concept| https://github.com/enchant97/note-mark/security/advisories/GHSA-g49p-4qxj-88v3...
BELL-CVE-2026-43057
Bulletin has no description...
BELL-CVE-2026-43049
Bulletin has no description...
MINI-XX72-WM4V-5F5C
Bulletin has no description...
GHSA-MP3R-6558-HVG8 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu, linux-aws, linux-azure, linux-vmware...
Deserialization of Untrusted Data
Overview org.apache.mina:mina-core is a network application framework which helps users develop high performance and high scalability network applications easily. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the resolveClass function in AbstractIoBuffe...
Exploit for CVE-2026-31431
CVE-2026-31431.c This content is provided for educational pu...
Exploit for CVE-2026-31431
Copy Fail - CVE-2...
MINI-25QP-R623-PPF7
Bulletin has no description...
CVE-2018-25314
creationtimestamp| type| source ---|---|--- 2026-04-29 20:25:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mknwnpzlsb2o 2026-04-29 20:39:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mknxfzyb4u2c...
CGA-RP24-M6QC-6PMW
Bulletin has no description...
MINI-8J8R-X772-VC6Q
Bulletin has no description...
MINI-PQ7R-49HG-PFRP
Bulletin has no description...