DEBIAN-CVE-2025-32735

Improper conditions check in some firmware for some IntelR NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via...

Intel NPU Driver Advisory - Lenovo Support US

No description provided...

iperf3: iperf Heap Buffer Overflow

A flaw was found in iperf3. An off-by-one error in the iperfauth.c file leads to a heap-based buffer overflow, potentially allowing a network attacker to trigger an application-level denial of service. This overflow occurs during the processing of authentication data. The vulnerability can only b...

iperf3: iperf Heap Buffer Overflow

A flaw was found in iperf3. An off-by-one error in the iperfauth.c file leads to a heap-based buffer overflow, potentially allowing a network attacker to trigger an application-level denial of service. This overflow occurs during the processing of authentication data. The vulnerability can only b...

Worklenz SQL注入漏洞

Worklenz is a project management tool developed under open source in Worklenz. Versions of Worklenz prior to 2.1.7 contained a SQL injection vulnerability. This vulnerability stemmed from multiple SQL injection points in the backend SQL queries, affecting functions such as project task management...

AMD GPU Timing-Based Side Channels

Revisions Revision Date| Description ---|--- 2026-02-10| Initial publication...

Intel Processors 安全漏洞

Intel Processors are a series of processors developed by the American company Intel. There are security vulnerabilities in Intel Processors, which stem from improper numerical processing and may lead to privilege escalation...

PT-2026-7252

Name of the Vulnerable Software and Affected Versions Simcenter Femap versions prior to 2512 Simcenter Nastran versions prior to 2512 Description The applications contain an out of bounds write issue when processing specially created XDB files. Successful exploitation could allow an attacker to...

libssh 安全漏洞

libssh is a C-language development package from the libssh organization that allows access to SSH services. It can execute remote commands, transfer files, and provide a secure transmission channel for remote programs. libssh has security vulnerabilities, which stem from inefficient regular...

📄 crypto/x509 TLS Certificate Parsing

This Go program demonstrates a theoretical denial of service risk associated with handling unusually large X.509 certificates in TLS connections. It programmatically generates a self-signed certificate containing a very large number of Subject Alternative Names SANs and configures an HTTP client ...

CVE-2026-0845

The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'WCFMSettingsController::processing' function in...

CVE-2026-25923

my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a malicious Phar Polyglot file disguised as JPEG via the image...

CVE-2026-25923

CVE-2026-25923 affects My Little Forum (PHP/MySQL). Before version 20260208.1, URL validation fails to filter the phar:// protocol, enabling an attacker to upload a malicious Phar Polyglot file (disguised as JPEG) via the image upload feature. The exploit triggers Phar deserialization during BBCo...

CVE-2026-25923 Phar Deserialization leading to Arbitrary File Deletion in my little forum

my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a malicious Phar Polyglot file disguised as JPEG via the image...

CVE-2026-25923 Phar Deserialization leading to Arbitrary File Deletion in my little forum

my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a malicious Phar Polyglot file disguised as JPEG via the image...

Security Bulletin: IBM® Db2® is vulnerable to external entities parsing in XML (CVE-2025-36247)

Summary IBM® Db2® is vulnerable to an XML external entity injection XXE attack when processing XML data. Vulnerability Details CVEID:CVE-2025-36247 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to an XML external entity injection XXE attack when...

iperf3: iperf Heap Buffer Overflow

A flaw was found in iperf3. An off-by-one error in the iperfauth.c file leads to a heap-based buffer overflow, potentially allowing a network attacker to trigger an application-level denial of service. This overflow occurs during the processing of authentication data. The vulnerability can only b...

ROS-20260209-73-0010

Vulnerability in python-xmltodict related to errors in xml query processing. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

GnuTLS 安全漏洞

GnuTLS is an open-source, free security communication library developed by GnuTLS that enables the implementation of SSL, TLS, and DTLS protocols. GnuTLS has a security vulnerability that stems from excessive CPU and memory consumption when processing specially crafted malicious certificates, whi...

CVE-2026-2176 code-projects Contact Management System index.py sql injection

A security vulnerability has been detected in code-projects Contact Management System 1.0. This issue affects some unknown processing of the file index.py. Such manipulation of the argument selecteditem0 leads to sql injection. The attack can be executed remotely...