335 matches found
CVE-2025-65951
Inside Track / Entropy Derby is a research-grade horse-racing betting engine. Prior to commit 2d38d2f, the VDF-based timelock encryption system fails to enforce sequential delay against the betting operator. Bettors pre-compute the entire Wesolowski VDF and include vdfOutputHex in their encrypted...
EUVD-2025-199528
Inside Track / Entropy Derby is a research-grade horse-racing betting engine. Prior to commit 2d38d2f, the VDF-based timelock encryption system fails to enforce sequential delay against the betting operator. Bettors pre-compute the entire Wesolowski VDF and include vdfOutputHex in their encrypted...
PT-2025-47817
Name of the Vulnerable Software and Affected Versions: thread-amount versions prior to 0.2.2 Description: The thread-amount tool, used to determine the number of threads in a process, contains resource leaks when obtaining thread counts on Windows and Apple platforms. On Windows, the thread amount...
PT-2025-47656
Name of the Vulnerable Software and Affected Versions: Claude Code versions prior to 2.0.31 Description: Claude Code is an agentic coding tool that had a critical remote code execution issue. Prior to version 2.0.31, an error in sed command parsing allowed bypassing the read-only validation, enabli...
CVE-2025-65033
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the poll management feature allows any authenticated user to pause or resume any poll, regardless of ownership. The system only uses the public pollId to identify polls, and it does not...
CVE-2025-65022
CVE-2025-65022 describes an authenticated time-based SQL injection in i-Educar up to version 2.10.0, in the intranet/agenda.php script. The issue arises from the cod_agenda parameter being directly concatenated into SQL queries without sanitization, allowing an authenticated user to execute arbit...
EUVD-2019-0468
Malware in sbrugna...
EUVD-2021-28284
Malicious code in bioql PyPI...
EUVD-2022-1386
Malicious code in bioql PyPI...
EUVD-2024-42685
Malicious code in bioql PyPI...
PT-2025-36480
Name of the Vulnerable Software and Affected Versions: SimStudioAI sim versions up to 1.0.0 Description: A vulnerability exists in SimStudioAI sim that allows for server-side request forgery. The issue is related to the manipulation of the filePath argument within a file located at...
Logging user input may result in poisoning logs with ANSI escape sequences
Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to: - Manipulate terminal title bars - Clear screens or modif...
traQ Allows Insertion of Sensitive Information into Log File
Impact: A vulnerability exists where sensitive information, such as OAuth tokens, is recorded in log files when an error occurs during the execution of an SQL query. An attacker could intentionally trigger an SQL error by methods such as placing a high load on the database. This could allow an...
PT-2025-33536
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified Description: The Linux kernel contains a flaw in ksmbd where repeated connections from clients using the same IP address can exhaust connection limits, potentially preventing legitimate client...
ROOT-OS-UBUNTU-2204-CVE-2025-27613 CVE-2025-27613 in rootio-git - Patched by Root
Root has patched CVE-2025-27613 in the rootio-git package for Root:Ubuntu:22.04. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2024-21892 CVE-2024-21892 in rootio-nodejs - Patched by Root
Root has patched CVE-2024-21892 in the rootio-nodejs package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2024-24758 CVE-2024-24758 in rootio-node-undici - Patched by Root
Root has patched CVE-2024-24758 in the rootio-node-undici package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2021-35331 CVE-2021-35331 in rootio-tcl8.6 - Patched by Root
Root has patched CVE-2021-35331 in the rootio-tcl8.6 package for Root:Debian:12. Multiple fixed versions available...
Linux Distros Unpatched Vulnerability : CVE-2024-35856
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Fix double free of skb in coredump. hci_devcd_append would free the...
Linux Distros Unpatched Vulnerability : CVE-2021-47099
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: veth: ensure skb entering GRO are not cloned. After commit d3256efd8e8b veth: allow enabling...