CVE-2025-1889 picklescan - Security scanning bypass via non-standard file extensions

picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that uses Pickle and include a malicious pickle file with a non-standard file extension. Because the malicious pickle file inclusion is not...

CVE-2025-1868

Vulnerability of unauthorized exposure of confidential information affecting Advanced IP Scanner and Advanced Port Scanner. It occurs when these applications initiate a network scan, inadvertently sending the NTLM hash of the user performing the scan. This vulnerability can be exploited by...

CVE-2025-1868

CVE-2025-1868 describes an NTLM leakage vulnerability in Famatech’s Advanced IP Scanner and Advanced Port Scanner. When a network scan is initiated, the tools may emit the NTLM hash of the scanning user, enabling an attacker to intercept traffic to a legitimate or fake server to extract the user ...

CVE-2025-1868 Information display on multiple products from Famatech Corp

Vulnerability of unauthorized exposure of confidential information affecting Advanced IP Scanner and Advanced Port Scanner. It occurs when these applications initiate a network scan, inadvertently sending the NTLM hash of the user performing the scan. This vulnerability can be exploited by...

How to Create a Scan for Local File Inclusion

This whitepaper covers how to create a scan in Perl to identify different types of local file inclusion in web applications. Depending on the context of the environment and architecture, the content of the paper can be applied to APIs in addition to presenting how to correct or avoid local file...

How to Create a Scan to Identify Reflected XSS

This whitepaper covers how to create a scan in Perl to identify reflected cross site scripting in web applications. Depending on the context of the environment and architecture, the content of the paper can be applied to APIs in addition to presenting how to correct or avoid reflective cross site...

SUSE CVE-2024-58015

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using printarraytobufindex function. Array length parameter passed to the function is too big, resulting in possible out-of bound memory error...

SUSE CVE-2025-21729

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix race between cancelhwscan and hwscan completion The rtwdev-scanning flag isn't protected by mutex originally, so cancelhwscan can pass the condition, but suddenly hwscan completion unset the flag and calls...

CVE-2025-25785

JizhiCMS v2.5.4 was discovered to contain a Server-Side Request Forgery SSRF via the component \c\PluginsController.php. This vulnerability allows attackers to perform an intranet scan via a crafted request...

UBUNTU-CVE-2024-58015

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using printarraytobufindex function. Array length parameter passed to the function is too big, resulting in possible out-of bound memory error...

SUSE CVE-2022-49231

In the Linux kernel, the following vulnerability has been resolved: rtw88: fix memory overrun and memory leak during hwscan Previously we allocated less memory than actual required, overwrite to the buffer causes the mm module to complaint and raise access violation faults. Along with potential...

SUSE CVE-2022-49276

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2scanmedium If an error is returned in jffs2scaneraseblock and some memory has been added to the jffs2summary s, we can observe the following kmemleak report:...

SUSE CVE-2022-49523

In the Linux kernel, the following vulnerability has been resolved: ath11k: disable spectral scan during spectral deinit When ath11k modules are removed using rmmod with spectral scan enabled, crash is observed. Different crash trace is observed for each crash. Send spectral scan disable WMI...

AZL-58041 CVE-2024-57977 affecting package kernel for versions less than 5.15.179.1-1

In the Linux kernel, the following vulnerability has been resolved: memcg: fix soft lockup in the OOM process A soft lockup issue was found in the product with about 56,000 tasks were in the OOM cgroup, it was traversing them when the soft lockup was triggered. watchdog: BUG: soft lockup - CPU2...

UBUNTU-CVE-2025-21729

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix race between cancelhwscan and hwscan completion The rtwdev-scanning flag isn't protected by mutex originally, so cancelhwscan can pass the condition, but suddenly hwscan completion unset the flag and calls...

CVE-2024-58015

CVE-2024-58015 affects the Linux kernel wifi driver ath12k. The root cause is an out-of-bounds memory access in self-generated stats where an overly large length is passed to print_array_to_buf_index(). The fix reduces the buffer size by one to correct the upper bound. Impact is described as an o...

CVE-2024-58015 wifi: ath12k: Fix for out-of bound access error

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using printarraytobufindex function. Array length parameter passed to the function is too big, resulting in possible out-of bound memory error...

CVE-2024-58015 wifi: ath12k: Fix for out-of bound access error

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using printarraytobufindex function. Array length parameter passed to the function is too big, resulting in possible out-of bound memory error...

CVE-2024-58015

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using printarraytobufindex function. Array length parameter passed to the function is too big, resulting in possible out-of bound memory error...

CVE-2025-21729

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix race between cancelhwscan and hwscan completion The rtwdev-scanning flag isn't protected by mutex originally, so cancelhwscan can pass the condition, but suddenly hwscan completion unset the flag and calls...