CVE-2025-59431

MapServer is a system for developing web-based GIS applications. Prior to 8.4.1, the XML Filter Query directive PropertyName is vulnerably to Boolean-based SQL injection. It seems like expression checking is bypassed by introducing double quote characters in the PropertyName. Allowing to manipula...

CVE-2025-39866

In the Linux kernel, the following vulnerability has been resolved: fs: writeback: fix use-after-free in markinodedirty An use-after-free issue occurred when markinodedirty get the bdiwriteback that was in the progress of switching. CPU: 1 PID: 562 Comm: systemd-random- Not tainted...

CVE-2025-39847

In the Linux kernel, the following vulnerability has been resolved: ppp: fix memory leak in padcompressskb If allocskb fails in padcompressskb, it returns NULL without releasing the old skb. The caller does: skb = padcompressskbppp, skb; if !skb goto drop; drop: kfreeskbskb; When padcompressskb...

CVE-2025-39854

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in icelltsintr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low latency firmware...

CVE-2025-39851

In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object VXLAN FDB entries can point to either a remote destination or an FDB nexthop group. The latter is usually used in EVPN deployments where learning is disabled...

CVE-2025-10492

A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library...

CVE-2024-39341

creationtimestamp| type| source ---|---|--- 2024-09-23 21:20:12+00:00| seen| https://t.me/cvedetector/6199 2024-09-23 21:20:13+00:00| seen| https://t.me/cvedetector/6200...

detail.br.oppo.rozbuzz.com Cross Site Scripting vulnerability OBB-1359900

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: September 23, 2019

SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: September 23, 2019 Notice This security update was released March 12, 2019 for Windows 7 SP1 and Windows Server 2008 R2 SP1. This security update was updated May 14, 2019 to add support for Windows...

bbs.jpcanada.com XSS vulnerability

Open Bug Bounty ID: OBB-310824 Description| Value ---|--- Affected Website:| bbs.jpcanada.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Threat Outbreak Alert RuleID25205: Email Messages Distributing Malicious Software on September 23, 2016

Medium Alert ID: 49009 First Published: 2016 September 23 15:11 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID25205 may contain the following files: Name ...

Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities

Two vulnerabilities in the IPv6 first hop security feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. Cisco has released software updates that address these vulnerabilities. There are no workarounds to mitigate these...

Threat Outbreak Alert RuleID18186: Email Messages Distributing Malicious Software on September 23, 2015

Medium Alert ID: 41157 First Published: 2015 September 23 12:37 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID18186 may contain the following files: Name ...

MindSculpt CMS - SQL Injection

MindSculpt CMS - SQL Injection MindSculpt's new CMS™ Content Management System SQL injection vulnerability - cid0 Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : September 23, 2009 //////\ ///////\ //////\ //////\ //////\ -=- KILL-9...

Joomla / Mambo Tupinambis SQL Injection

Exploit for unknown platform in category web applications ===================================== Joomla/Mambo Tupinambis SQL Injection ===================================== Mambo/Joomla SQL Injection Vulneralbility Component : comtupinambis Release : September 23, 2009...

Mambo / Joomla Tupinambis SQL Injection

Mambo/Joomla SQL Injection Vulneralbility Component : comtupinambis Release : September 23, 2009 -------------------------------------------------- .---..-..-..-.,-..-..-..-. .---..---..---..----. | |'| || || . | || || | | |- \ \ | |'| || | -' ----'-'-'----'----'---'---' -' ----'...

Mozilla Foundation Security Advisory 2008-39

Mozilla Foundation Security Advisory 2008-39 Title: Privilege escalation using feed preview page and XSS flaw Impact: Critical Announced: September 23, 2008 Reporter: mozbugra4 Products: Firefox Fixed in: Firefox 2.0.0.17 Description Mozilla security researcher mozbugra4 reported a series of...