Malicious code in hamubika (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c55b19e3a5ae01340f8c4aa8a68372eda1a6d5646f63a26658a1df75b4a2cf0c Packages that either reports home installation, simulate malicious activity or imitate Roblox API wrapper. --- Category: PROBABLYPENTEST - Packages looking lik...
MAL-2025-191747 Malicious code in hamubika (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c55b19e3a5ae01340f8c4aa8a68372eda1a6d5646f63a26658a1df75b4a2cf0c Packages that either reports home installation, simulate malicious activity or imitate Roblox API wrapper. --- Category: PROBABLYPENTEST - Packages looking lik...
Security update for the Linux Kernel (Live Patch 69 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122261 fixes several issues. The following security issues were fixed: CVE-2022-50386: Bluetooth: L2CAP: Fix user-after-free bsc1250302. CVE-2025-38499: clone_private_mnt: make sure that caller has CAP_SYS_ADMIN in the right userns bsc1248673. CVE-2025-21971:...
EUVD-2025-35002
A vulnerability was found in ChurchCRM up to 5.18.0. This vulnerability affects unknown code of the file setup/routes/setup.php. Performing manipulation of the argument DB_PASSWORD/ROOT_PATH/URL results in deserialization. The attack may be initiated remotely. The attack's complexity is rated as...
EUVD-2025-35003
A security vulnerability has been detected in LibreWolf up to 143.0.4-1 on Windows. This affects an unknown function of the file assets/setup.nsi of the component Installer. Such manipulation leads to uncontrolled search path. The attack must be carried out locally. Attacks of this nature are...
CVE-2025-11940 LibreWolf Installer setup.nsi uncontrolled search path
A security vulnerability has been detected in LibreWolf up to 143.0.4-1 on Windows. This affects an unknown function of the file assets/setup.nsi of the component Installer. Such manipulation leads to uncontrolled search path. The attack must be carried out locally. Attacks of this nature are...
CVE-2025-11940
The CVE-2025-11940 vulnerability affects LibreWolf up to 143.0.4-1 on Windows, tied to an unknown function in assets/setup.nsi of the Installer component. It enables an uncontrolled search path and requires local access from the attacker; the exploitability is described as difficult. A fix is ava...
CVE-2025-11938
A vulnerability was found in ChurchCRM up to 5.18.0. This vulnerability affects unknown code of the file setup/routes/setup.php. Performing a manipulation of the argument DB_PASSWORD/ROOT_PATH/URL results in deserialization. The attack may be initiated remotely. The attack's complexity is rated as...
CVE-2025-11938 ChurchCRM setup.php deserialization
A vulnerability was found in ChurchCRM up to 5.18.0. This vulnerability affects unknown code of the file setup/routes/setup.php. Performing a manipulation of the argument DB_PASSWORD/ROOT_PATH/URL results in deserialization. The attack may be initiated remotely. The attack's complexity is rated as...
CVE-2025-11938
ChurchCRM up to version 5.18.0 is affected by a deserialization vulnerability in the file setup/routes/setup.php. The issue arises when user-controlled values for DB_PASSWORD, ROOT_PATH, or URL are deserialized, enabling remote exploitation. Multiple connected reports consolidate this as a remote...
Exploit for Deserialization of Untrusted Data in Huggingface Transformers
Running - have docker and uv installed, then clone repo and run...
AlmaLinux 10 : kernel (ALSA-2025:17776)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:17776 advisory. kernel: HID: core: Harden s32ton against conversion to 0 bits CVE-2025-38556 kernel: wifi: ath12k: Decrement TID on RX peer frag setup error handling...
F5 BIG-IP Security Vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A memory resource management vulnerability exists in the TMM module of BIG-IP Next. The vulnerability arises because after...
Linux Distros Unpatched Vulnerability : CVE-2025-39956
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - igc: don't fail igc_probe on LED setup error When igc_led_setup fails, igc_probe fails and triggers kernel panic in free_netdev since unregister_netdev is not called....
CVE-2025-11525
A vulnerability has been found in Tenda AC7 15.03.06.44. Impacted is an unknown function of the file /goform/SetUpnpCfg. Such manipulation of the argument upnpEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...
SUSE CVE-2025-39956
In the Linux kernel, the following vulnerability has been resolved: igc: don't fail igc_probe on LED setup error When igc_led_setup fails, igc_probe fails and triggers kernel panic in free_netdev since unregister_netdev is not called. 1 This behavior can be tested using fault-injection framework,...
Exploit for Signal Handler Race Condition in Sonicwall Sma_6200_Firmware
CCTV-Hacking-Simulated-Environment-Only Repository purpose:...
EUVD-2025-33327
In the Linux kernel, the following vulnerability has been resolved: igc: don't fail igc_probe on LED setup error When igc_led_setup fails, igc_probe fails and triggers kernel panic in free_netdev since unregister_netdev is not called. 1 This behavior can be tested using fault-injection framework,...
CVE-2025-39956
In the Linux kernel, the following vulnerability has been resolved: igc: don't fail igc_probe on LED setup error When igc_led_setup fails, igc_probe fails and triggers kernel panic in free_netdev since unregister_netdev is not called. 1 This behavior can be tested using fault-injection framework,...