CVE-2026-47261

Wasmtime is a runtime for WebAssembly. In versions prior to 24.0.9, 36.0.10, and 44.0.2, when a filesystem preopen is given DirPerms::all and FilePerms::READ without FilePerms::WRITE, this access control mechanism can be bypassed via the wasip2 descriptor.open-at or wasip1 pathopen interfaces by...

CVE-2026-42315

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, when passing a folder name in the setpackagedata API function call inside the data object with key "folder", there is no sanitization at all, allowing a user with Perms.MODIFY to specify arbitrary...

Security update for clamav

This update for clamav fixes the following issues: Update to clamav 1.5.2: Security issue: CVE-2026-20031: improper error handling in the HTML CSS module when splitting UTF-8 strings can lead to denial of service conditions via a crafted HTML file bsc1259207. Non security issue: Support...

CVE-2025-69634

Cross Site Request Forgery vulnerability in Dolibarr ERP & CRM v.22.0.9 allows a remote attacker to escalate privileges via the notes field in perms.php...

SUSE CVE-2025-40184

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running with transparent huge pages and CONFIGNVHEEL2DEBUG then the debug checking in asserthostsharedguest fails on the launch of an np-guest. This WARNON...

EUVD-2025-150390

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running with transparent huge pages and CONFIGNVHEEL2DEBUG then the debug checking in asserthostsharedguest fails on the launch of an np-guest. This WARNON...

CVE-2025-40184

The CVE-2025-40184 entry documents a Linux kernel KVM/arm64 vulnerability: when using transparent huge pages with NVHE EL2 debug, the debug check in assert_host_shared_guest() may trigger a WARN_ON leading to a host panic. The issue arises because __pkvm_host_relax_perms_guest() assumes a single-...

Malicious code in test-mlw2-perms-inurn-lores-decks (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-48876 Malicious code in test-mlw2-perms-inurn-lores-decks (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in test-mlw1-perms-inurn-lores-decks (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-47148 Malicious code in @nativescript-community/perms (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc3fd96213519273f7b1eb5a8c0fd5d3b40c41fccda225d8d442dc2d3f44b882 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

@censujiang/nativescript-local-notifications (=6.4.0), @nativescript-community/audio (=6.4.14) +4 more potentially affected by unknown CVE via @nativescript-community/perms (>=3.0.11 <=3.0.3)

@nativescript-community/perms NPM version =3.0.11, =3.1.20, =7.0.0, =1.0.4, =0.0.1, =0.1.0 Source cves: unknown CVE Source advisory: SNYK:JS-NATIVESCRIPTCOMMUNITYPERMS-12704723...

Avada < 7.11.2 - Subscriber+ Portfolio Permalinks Creation

Description The theme is vulnerable to unauthorized modification of data due to a missing capability check, allowing any authenticated attackers, with such as subscriber and above, to save Portfolio permalinks...

CVE-2020-8510

An issue was discovered in phpABook 0.9 Intermediate. On the login page, if one sets a userInfo cookie with the value of admin+1+en user+perms+lang, one can login as any user without a password...

Adaudit - Powershell Script To Do Domain Auditing Automation

PowerShell Script to perform a quick AD audit | | \ | | | || | | | | | | | | | . | | | |||/ ||||||| by phillips321 If you have any decent powershell one liners that could be used in the script please let me know. I'm trying to keep this script as a single file with no requirements on external too...

Fedora 26 : php-symfony (2017-4fcbd8a4c3)

2.8.25 2017-07-17 - security 23507 Security validate empty passwords again xabbuh - bug 23526 HttpFoundation Set meta refresh time to 0 in RedirectResponse content jnvsor - bug 23540 Disable inlining deprecated services alekitto - bug 23468 DI Handle root namespace in service definitions ro0NL -...

[SECURITY] Fedora 22 Update: php-horde-Horde-Perms-2.1.6-1.fc22

The Perms package provides an interface to the Horde permissions system...

[SECURITY] Fedora 23 Update: php-horde-Horde-Perms-2.1.6-1.fc23

The Perms package provides an interface to the Horde permissions system...

Fedora Core 10 FEDORA-2009-3761 (prewikka)

The remote host is missing an update to prewikka announced via advisory FEDORA-2009-3761. OpenVAS Vulnerability Test $Id: fcore20093761.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-3761 prewikka Authors: Thomas Reinke Copyright: Copyright c 2009...