12 matches found

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2023-57649

Malicious code in bioql PyPI...

CVSS 8.1 | AI score 8 | EPSS 0.00021
Exploits 1 | References 2

Tenable Nessus
added 2025/08/15 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-21854

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects all vsocks to...

CVSS 5.5 | AI score 6.2 | EPSS 0.0001
Exploits 0 | References 3

UbuntuCve
added 2025/06/19 12:0 a.m. | 5 views

CVE-2025-50181

urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disables redirects. By default, requests and botocore users are not affected. An application attemptin...

CVSS 6.1 | AI score 6.8 | EPSS 0.00079
Exploits 1 | References 3

Rapid7 Blog
added 2025/03/19 5:40 p.m. | 21 views

Apache Tomcat CVE-2025-24813: What You Need to Know

Here at Rapid7, our usual bar for calling a vulnerability an emergent threat is either known exploitation at scale, or likelihood of exploitation at scale. Apache Tomcat CVE-2025-24813 fulfills neither of these criteria, despite a variety of news headlines alleging broad exploitation in the wild...

CVSS 9.8 | AI score 9.6 | EPSS 0.9413
Exploits 44

RedHat Linux
added 2023/11/14 3:24 p.m. | 0 views

kernel: ovl: fix use after free in struct ovl_aio_req

A use-after-free flaw was found in the Linux kernel’s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 "ovl: fix use...

CVSS 7.8 | AI score 6.6 | EPSS 0.00023
Exploits 0 | References 5

Openbugbounty
added 2023/11/13 11:16 p.m. | 3 views

polsterei-reinke.de Improper Access Control vulnerability OBB-3780054

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.9
Exploits 0

OSV
added 2021/07/22 7:15 a.m. | 0 views

CVE-2021-36934

An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An...

CVSS 7.8 | AI score 7.7 | EPSS 0.90423
Exploits 11 | References 4

FreeBSD
added 2004/09/19 12:0 a.m. | 21 views

jabberd -- denial-of-service vulnerability

José Antonio Calvo discovered a bug in the Jabber 1.x server. According to Matthias Wimmer: Without this patch, it is possible to remotely crash jabberd14, if there is access to one of the following types of network sockets: Socket accepting client connections Socket accepting connections from oth...

CVSS 5 | AI score 3.1 | EPSS 0.02929
Exploits 0 | References 2

Tenable Nessus
added 2004/07/25 12:0 a.m. | 31 views

SUSE-SA:2002:035: hylafax

The remote host is missing the patch for the advisory SUSE-SA:2002:035 hylafax. HylaFAX is a client-server architecture for receiving and sending facsimiles. The logging function of faxgetty prior to version 4.1.3 was vulnerable to a format string bug when handling the TSI value of a received...

CVSS 7.5 | AI score 6.5 | EPSS 0.03748
Exploits 0 | References 1

Tenable Nessus
added 2004/07/12 12:0 a.m. | 11 views

Solaris 2.5.1 (x86) : 108803-02

SunOS 5.5.1x86: /usr/bin/tip patch. Date this patch was last updated by Sun : Jun/19/01 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...

AI score 0.1
Exploits 0 | References 1

securityvulns
added 2002/10/11 12:0 a.m. | 23 views

MondoSearch show the source of all files

Affected Program: MondoSearch 4.4 (possibly earlier versions too, but not tested). Vendor: http://www.mondosoft.com. Vendor Status: not informed yet. Discovery Date: 10 oct 2002. Problem: You can see the source...

AI score 0.6
Exploits 0

Cvelist
added 1976/01/01 12:0 a.m. | 10 views

CVE-2017-1054

...

Exploits 0