Linux Distros Unpatched Vulnerability : CVE-2025-37858

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation group AG size using 1 2TB aggregates on 32-bit systems, this...

CVE-2012-10035

CVE-2012-10035 affects Turbo FTP Server versions 1.30.823 and 1.30.826. The issue is a buffer overflow in handling the FTP PORT command that allows an unauthenticated remote attacker to overwrite memory and execute arbitrary code with SYSTEM privileges. Documented implications include full compro...

PSKernel-Primitives

PSKernel-Primitives Over time I'll add PowerShell helper functions to assist in kernel exploitation. Common PowerShell Exploit Constructs Create buffer powershell Byte buffer int/hex $Buff = Byte0x41255 + Byte0x420xff Buffer includes pointer Takes care of endianness, may need ".ToInt32" or...

The vulnerability of the NetworkServlet.getNextTrapPage() function in the system for centrally managing network devices and ports of Advantech iView allows a hacker to execute arbitrary code.

The vulnerability of the NetworkServlet.getNextTrapPage function in the system for centrally managing network devices and ports of Advantech iView is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

The vulnerability of the Laravel Translation Manager PHP framework allows attackers to perform cross-site scripting attacks.

The vulnerability of the Laravel Translation Manager PHP framework is related to the lack of security measures for handling web page structures. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

sound/virtio: Fix cancel_sync warnings on uninitialized work_structs

...

PT-2025-31072

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a type confusion issue within the smc module related to the handling of inet sock structures. Specifically, the issue stemmed from allowing non-INET sockets to...

Stack Overflow

llamaindexcore is vulnerable to stack overflow. The vulnerability is due to unsafe recursive traversal without depth validation, which allows an attacker to submit deeply nested JSON structures and trigger a Denial of Service DoS by causing a RecursionError and crashing the application...

GNU Transport Layer Security Library 3.8.10

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS 12, OpenPGP, and other...

The vulnerability of the IBM InfoSphere Information Server software platform, related to the lack of protective measures for SQL query structures, allows attackers to gain access to read, modify, and delete data.

The vulnerability of the IBM InfoSphere Information Server software platform relates to the lack of security measures for SQL query structures. Exploiting this vulnerability can allow an attacker to gain read, modify, and delete access to data...

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

PT-2025-27665 · Unknown · Llama Index

Name of the Vulnerable Software and Affected Versions: llama index versions prior to 0.12.28 llama index version 0.12.28 Description: The JSONReader in the affected software is vulnerable to a stack overflow due to uncontrolled recursive JSON parsing. This allows attackers to trigger a Denial of...

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

Balancing Privacy and Utility in Correlated Data: a Study of Bayesian Differential Privacy

Privacy risks in differentially private DP systems increase significantly when data is correlated, as standard DP metrics often underestimate the resulting privacy leakage, leaving sensitive information vulnerable. Given the ubiquity of dependencies in real-world databases, this oversight poses a...

CLSA-2025-1750780979 freetype: Fix of CVE-2025-27363

CVE-2025-27363: fix OOB write when parsing font subglyph structures...

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the session agent of the software complex “Termide Virtual Workstations Dispatching System” relates to the failure to take measures to protect the request structure, allowing attackers to enhance their privileges.

The vulnerability of the session agent component of the “Termide Virtual Desktops Connection Manager” software is related to the lack of protective measures for the request structure. Exploiting this vulnerability allows a malicious actor to enhance their privileges through specially crafted...