Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fixed NULL pointer access via aer_info. The kzalloc(GFP_KERNEL) call may return NULL, resulting in a kernel panic when accessing aer_info->xxx. This issue has been fixed...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Make sure the first directory block is not a hole. The syzbot constructs a directory that has no dirblock, but it is not inline; in other words, the first directory block is a hole. No errors are reported when creating file...
pentest-automation-framework
pentest-automation-framework Built this to speed up structure...
IASS-ISP-ASN-Security-Scanner
💀 IASS — ISP ASN Security Scanner Automated reconnaissance &...
gemini-bug-bounty
Gemini Bug Bounty Find security vulnerabilities, get paid...
metasploit-web-scanner-module
MSF Web Vulnerability Scanner Advanced Advanced Metasploit au...
VAPT-Practice-Labs
🔐 VAPT Practice Labs This repository contains my hands-on Vul...
offensive-security-labs
Offensive Security Labs — Penetration Testing on a Fictional T...
africa.absa:inception-api (>=1.0.0 <=1.2.0), africa.absa:inception-application (>=1.0.0 <=1.2.0) +39297 more potentially affected by CVE-2026-40973 via org.springframework.boot:spring-boot (>=1.0.0.RELEASE <=2.7.3)
org.springframework.boot:spring-boot MAVEN version =1.0.0.RELEASE, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =4.4.0.0, =4.6.0.0 and more Source cves: CVE-2026-40973 Source advisory: OSV:GHSA-WWPQ-F5C3-7HVX...
JLSEC-2026-224 SM2 Decryption Buffer Overflow
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size...
Malicious code in swisscom-ai-research-keyphrase (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e11009ce6f39424ab9bbe1470888a9f5be4f1252dab4c82a03d684d372eb7cc9 Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information is exfiltrated. --- Category:...
MAL-2026-3046 Malicious code in swisscom-ai-research-keyphrase (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e11009ce6f39424ab9bbe1470888a9f5be4f1252dab4c82a03d684d372eb7cc9 Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information is exfiltrated. --- Category:...
CVE_REQUESTS_references
CVE_REQUESTS_r...
Malicious code in ort-moe (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b07b0d9d87f411b1c481f50084190fdde34edfeb1c9b10368a23abba0ccbcbdc During import, package collects basic information about the system, performs deep fingerprinting, and reports the data to the remote target. The package...
DEBIAN-CVE-2026-31662
In the Linux kernel, the following vulnerability has been resolved: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG. The GRP_ACK_MSG handler in tipc_group_proto_rcv() currently decrements bc_ackers on every inbound group ACK, even when the same member has already acknowledged the current broadcast...
Milesight Cameras
RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed or allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network exposure...
SpiceJet Online Booking System
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network exposure for all...
Linux Distros Unpatched Vulnerability : CVE-2026-3890
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hcd-ohci: infinite loop NOTE: Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/129922c2bc398b656a9180150e667f98fdf0d402 v11.0.0-rc1 CVE-2026-3890...
CVE-2026-31451 ext4: replace BUG_ON with proper error handling in ext4_read_inline_folio
In the Linux kernel, the following vulnerability has been resolved: ext4: replace BUG_ON with proper error handling in ext4_read_inline_folio. Replace BUG_ON with proper error handling when inline data size exceeds PAGE_SIZE. This prevents kernel panic and allows the system to continue running while...
CVE-2026-31443 dmaengine: idxd: Fix crash when the event log is disabled
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix crash when the event log is disabled. If reporting errors to the event log is not supported by the hardware, and an error that causes Function Level Reset (FLR) is received, the driver will try to restore the...