7491 matches found
CVE-2025-38511
In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Clear all LMTT pages on alloc Our LMEM buffer objects are not cleared by default on alloc and during VF provisioning we only setup LMTT PTEs for the actually provisioned LMEM range. But beyond that valid range we might...
brick-browser (>=0.0.0 <=0.0.14), brick-node (>=0.0.0 <=0.0.17) +13 more potentially affected by unknown CVE via mix-objects (>=0.0.2 <=0.0.3)
mix-objects NPM version =0.0.2, =0.0.0, =0.0.0, =0.5.0-alpha.2, =0.0.0, =2.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.1.0, =0.0.0, =2.0.0, =0.0.4-1.1, =4.5.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-26507...
Malicious code in mix-objects (npm)
The package mix-objects was found to contain malicious code...
MAL-2025-15540 Malicious code in bby-page-objects (npm)
The package bby-page-objects was found to contain malicious code...
Malicious code in bby-page-objects (npm)
The package bby-page-objects was found to contain malicious code...
MAL-2025-26507 Malicious code in mix-objects (npm)
The package mix-objects was found to contain malicious code...
CVE-2025-42936
The SAP NetWeaver Application Server for ABAP does not enable an administrator to assign distinguished authorizations for different user roles, this issue allows authenticated users to access restricted objects in the barcode interface, leading to privilege escalation. This results in a low impac...
Allocation of Resources Without Limits or Throttling
Overview org.bouncycastle:bcprov-jdk16 is a Bouncy Castle Crypto package that is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.6. Affected versions of this package are vulnerable to Allocatio...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper processing of large name constraint structures in PKIXCertPathReviewer. An attacker can cause excessive resource allocation by submitting specially crafted ASN.1...
CISA: FY 2025 State and Local Cybersecurity Grant Program FAQs
Congress established the State and Local Cybersecurity Grant Program (SLCGP) to "award grants to eligible entities to address cybersecurity risks and cybersecurity threats to information systems owned or operated by, or on behalf of, state, local, or Tribal governments." Within the U.S. Department ...
CVE-2025-42936 Missing Authorization check in SAP NetWeaver Application Server for ABAP
The SAP NetWeaver Application Server for ABAP does not enable an administrator to assign distinguished authorizations for different user roles, this issue allows authenticated users to access restricted objects in the barcode interface, leading to privilege escalation. This results in a low impac...
BIT-LIBPYTHON-2020-14422
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface...
Linux Distros Unpatched Vulnerability : CVE-2022-49800
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event() test_gen_synth_cmd() only fre...
Linux Distros Unpatched Vulnerability : CVE-2022-48995
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Input: raydium_ts_i2c - fix memory leak in raydium_i2c_send() There is a kmemleak when test the...
RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction
...
Linux Distros Unpatched Vulnerability : CVE-2021-20292
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem...
Linux Distros Unpatched Vulnerability : CVE-2021-46980
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4 commit 4dbc6a4ef06d usb:...
Exploit for Relative Path Traversal in Articatech Artica_Proxy
LFI to RCE Exploit via Log Poisoning Python3 exploit for CVE...