Siemens SIMATIC S7-1500 Buffer Copy without Checking Size of Input (CVE-2023-0687)

A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246...

CVE-2025-13058

A security flaw has been discovered in soerennb eXtplorer up to 2.1.15. The affected element is an unknown function of the component Filename Handler. The manipulation results in cross site scripting. The attack may be launched remotely. The patch is identified as...

CVE-2025-12203

A weakness has been identified in givanz Vvveb up to 1.0.7.3. This issue affects the function sanitizeFileName of the file system/functions.php of the component Code Editor. Executing a manipulation of the argument File can lead to path traversal. The attack can be launched remotely. The exploit...

EUVD-2025-36065

A weakness has been identified in givanz Vvveb up to 1.0.7.3. This issue affects the function sanitizeFileName of the file system/functions.php of the component Code Editor. Executing manipulation of the argument File can lead to path traversal. The attack can be launched remotely. The exploit ha...

CVE-2025-12203 givanz Vvveb Code Editor functions.php sanitizeFileName path traversal

A weakness has been identified in givanz Vvveb up to 1.0.7.3. This issue affects the function sanitizeFileName of the file system/functions.php of the component Code Editor. Executing a manipulation of the argument File can lead to path traversal. The attack can be launched remotely. The exploit...

CVE-2025-11436

CVE-2025-11436 affects JhumanJ OpnForm up to version 1.9.3, where an unrestricted upload vulnerability exists in the /answer functionality. This allows remote attackers to upload arbitrary files, with the attack vector described as NETWORK and the impact including potential compromise of confiden...

PT-2025-41241

Name of the Vulnerable Software and Affected Versions Kilo Code versions prior to 4.86.0 Description A flaw exists in Kilo Code that allows for injection through manipulation of the ClineProvider function within the src/core/webview/ClineProvider.ts file of the Prompt Handler component. This issu...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414395)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414395 advisory. A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function deltimer of the file...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414390)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414390 advisory. A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfsbmaplookupatlevel of the file fs/nilfs2/inode.c of th...

EUVD-2025-25247

Malicious code in bioql PyPI...

A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246 is the identifier assigned to this vulnerability. NOTE: The real existence of this vulnerability is still doubted at the moment. The inputs that induce this vulnerability are basically addresses of the running application that is built with gmon enabled. It's basically trusted input or input that needs an actual security flaw to be compromised or controlled.

...

PT-2025-35409

Name of the Vulnerable Software and Affected Versions: givanz Vvveb version 1.0.7.2 Description: A security vulnerability exists in givanz Vvveb 1.0.7.2, affecting an unknown part of the app/template/user/login.tpl file. Manipulation of the Email/Password argument can lead to cross-site scripting...

Linux Distros Unpatched Vulnerability : CVE-2025-9157

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untruncpacket of the file src/tcpedit/editpacket.c o...

Linux Distros Unpatched Vulnerability : CVE-2023-1452

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been declared as critical. Affected by this vulnerability is an unknown functionality ...

CVE-2025-9405

A security flaw has been discovered in Open5GS up to 2.7.5. The impacted element is the function gmmstateexception of the file src/amf/gmm-sm.c. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit has been released to the public and may be...

CVE-2025-9405 Open5GS gmm-sm.c gmm_state_exception assertion

A security flaw has been discovered in Open5GS up to 2.7.5. The impacted element is the function gmmstateexception of the file src/amf/gmm-sm.c. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit has been released to the public and may be...

CVE-2025-9397

A weakness has been identified in givanz Vvveb up to 1.0.7.2. Affected is an unknown function of the file /system/traits/media.php. Executing manipulation of the argument files can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public...

PT-2025-34575 · Unknown · Givanz Vvveb

Name of the Vulnerable Software and Affected Versions: givanz Vvveb versions up to 1.0.7.2 Description: A weakness exists in givanz Vvveb that allows for unrestricted file upload. The issue is located in an unknown function within the /system/traits/media.php file. Manipulation of the files...

SUSE CVE-2025-9300

A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixeldebugprintpalette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local position. The exploit...

CVE-2025-9301

CVE-2025-9301 affects cmake 4.1.20250725-gb5cce23. The issue is in cmForEachFunctionBlocker::ReplayItems (cmForEachCommand.cxx), allowing a locally launched attacker to trigger a reachable assertion. A public exploit has been disclosed. Patch: 37e27f71bc356d880c908040cd0cb68fa2c371b8. Affected ad...