EUVD-2022-46039

Malicious code in bioql PyPI...

CVE-2025-38334

In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Prevent attempts to reclaim poisoned pages TL;DR: SGX page reclaim touches the page to copy its contents to secondary storage. SGX instructions do not gracefully handle machine checks. Despite this, the existing SGX code...

CVE-2023-51051

S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the Atextauth parameter at /admin/ajax.php...

CVE-2025-29661

creationtimestamp| type| source ---|---|--- 2025-04-17 18:54:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmzrqxzxj32a 2025-04-17 20:30:16+00:00| seen| https://t.me/cvedetector/23246...

CVE-2025-1300

creationtimestamp| type| source ---|---|--- 2025-02-28 13:27:11+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5901 2025-02-28 13:49:05+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljakcuonjd2y 2025-02-28 15:21:22+00:00| seen| https://t.me/cvedetector/19150...

WordPress Newsletters plugin <= 4.9.5 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Newsletters versions = 4.9.5...

GSD-2023-1000787 bpf: Clobber stack slot when writing over spilled PTR_TO_BTF_ID

bpf: Clobber stack slot when writing over spilled PTRTOBTFID This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

GSD-2023-1000064 powerpc/bpf/32: Fix Oops on tail call tests

powerpc/bpf/32: Fix Oops on tail call tests This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.12 by commit...

GSD-2022-1007913 ata: libata-transport: fix error handling in ata_tlink_add()

ata: libata-transport: fix error handling in atatlinkadd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.80 by commit...

CVE-2022-29279

Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: versi...

GSD-2022-1007419 platform/chrome: fix memory corruption in ioctl

platform/chrome: fix memory corruption in ioctl This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.220 by commit...

GSD-2022-1003434 ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe

ASoC: mediatek: Fix missing ofnodeput in mt2701wm8960machineprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.46 by commit...

CSZ CMS 1.3.0 - &#039;Multiple&#039; Blind SQLi

Exploit Title: CSZ CMS 1.3.0 - 'Multiple' Blind SQLi Date: 2021-04-22 Exploit Author: Dogukan Dincer Vendor Homepage: https://www.cszcms.com/ Software Link: https://sourceforge.net/projects/cszcms/files/install/CSZCMS-V1.3.0.zip/download Version: 1.3.0 Tested on: Kali Linux, Windows 10, PHP 7.2.4...

GSD-2022-1002129 mm,hwpoison: unmap poisoned page before invalidation

mm,hwpoison: unmap poisoned page before invalidation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.110 by commit...

GSD-2022-1000576 drm/amd/display: watermark latencies is not enough on DCN31

drm/amd/display: watermark latencies is not enough on DCN31 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.22 by commit...

GSD-2021-1002053 scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()

scsi: qla2xxx: Fix a memory leak in an error path of qla2x00processels This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.76 by commit...

GSD-2021-1001527 usb: dwc2: check return value after calling platform_get_resource()

usb: dwc2: check return value after calling platformgetresource This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.250 by commit...

GSD-2021-1001282 fbmem: Do not delete the mode that is still in use

fbmem: Do not delete the mode that is still in use This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.52 by commit...

UVI-2021-1000270 drm/amd/display: Free local data after use

drm/amd/display: Free local data after use This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...

Over 4000 Android Apps Expose Users' Data via Misconfigured Firebase Databases

More than 4,000 Android apps that use Google's cloud-hosted Firebase databases are 'unknowingly' leaking sensitive information on their users, including their email addresses, usernames, passwords, phone numbers, full names, chat messages and location data. The investigation, led by Bob Diachenko...