EUVD-2025-7526

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-4729

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Graphite Web and classified as problematic. This issue affects some unknown processing of the component Template Name Handler. The...

CVE-2025-38444

CVE-2025-38444 affects the Linux kernel raid10 path. When raid10_read_request or raid10_write_request registers a new request with REQ_NOWAIT, a malloc from the mempool may not be freed, causing a memory leak. Connected docs confirm concrete fix in raid10_make_request and related raid10 handling ...

CVE-2025-3857

When reading binary Ion data through Amazon.IonDotnet using the RawBinaryReader class, Amazon.IonDotnet does not check the number of bytes read from the underlying stream while deserializing the binary format. If the Ion data is malformed or truncated, this triggers an infinite loop condition tha...

CVE-2025-2888

CVE-2025-2888 affects the Amazon tough client (The Update Framework) where, during a snapshot rollback, the client incorrectly caches timestamp metadata. If the next update checks this cache, update timestamp validation may fail, blocking subsequent updates until the cache is cleared. The issue i...

AZL-56770 CVE-2025-1215 affecting package vim for versions less than 9.1.0791-4

A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is abl...

CVE-2024-20148

In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389045 / ALPS09136494; Issue ID:...

perl-App-cpanminus security update

1.7044-14.1 - Patch the code to use https instead of http CVE-2024-45321 - Resolves: RHEL-56519...

CVE-2024-9029

A flaw was found in the freeimage library. Processing a crafted image can cause a buffer over-read of 1 byte in the readiptcprofile function in the Source/Metadata/IPTC.cpp file because the size of the profile is not being sanitized, causing a crash in the application linked to the library,...

Security update for global (important)

openSUSE Security Update: Security update for global Announcement ID: openSUSE-SU-2024:0210-1 Rating: important References: 1226420 Cross-References: CVE-2024-38448 Affected Products: openSUSE Backports SLE-15-SP5 An update that fixes one vulnerability is now available. Description: This update f...

CGA-H27F-7F4M-7V88

Bulletin has no description...

SUSE CVE-2019-20633

GNU patch through 2.7.6 contains a freeplinepend Double Free vulnerability in the function anotherhunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952...

CVE-2022-4455

A vulnerability was identified in sproctor php-calendar up to 2.0.13. This impacts an unknown function of the file index.php. Such manipulation of the argument $SERVER'PHPSELF' leads to cross site scripting. The attack may be launched remotely. The name of the patch is...

Apache Tomcat Remote Code Execution（CVE-2016-8735）

Update 12/04 : the need to note that in conf/server,xml to increase the configuration, you need the catalina-jmx-remote. the jar and the groovy-2.3.9. jar package into lib directory And modify the CATALINAOPTS"-Dcom. sun. management. jmxremote. ssl=false-Dcom. sun. management. jmxremote...

Cisco ASA - Authentication Bypass 'EXTRABACON' (Improved Shellcode) (69 bytes)

; ; Cisco ASA Authentication Bypass EXTRABACON Better Shellcode 69 bytes ; ; Copyright: c 2016 RiskSense, Inc. https://risksense.com ; License: http://opensource.org/licenses/MIT ; Release Date: September 15, 2016 ; ; Author: Sean Dillon 2E3C8D72353C9B8C9FF797E753EC4C9876D5727B ; ; Description: ;...

Samba 3.5.223.6.174.0.8 - nttrans Reply Integer Overflow

Samba 3.5.223.6.174.0.8 - nttrans Reply Integer Overflow Exploitation: samba nttrans reply integer overflow / \ / \ | || | | | \ / / . || | | | / | handlenttrans +- callnttransactcreate // transact! - readnttrnsealistvulnerable function security bug analyze smbd/nttrans.c ---- snip ---- snip ----...

SUSE-SA:2006:045: freetype2

The remote host is missing the patch for the advisory SUSE-SA:2006:045 freetype2. This security update fixes crashes in the PCF handling of freetype2 which might be used to crash freetype2 using applications or even to execute code in them. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Thi...

solaris/sparc connect-back (with XNOR encoded session) 600 bytes

No description provided by source. / black-RXenc-con-back-SOLARIS.c MIPS This is a relitivly small 600 byte shellcode that encodes all network trafic between the exploited process and the attacker. All clear-text shell i/o is encoded using a simple NOT algo before being transmitted on the wire...