Drupal Canvas - Moderately critical - Server-side request forgery, Information disclosure - SA-CONTRIB-2026-017

This module enables you to easily theme and build an entire website using only their browser, without the need to write code beyond basic JSX and CSS. Content creators are able to compose content on any part of the page without relying on developers. The project has a hidden sub-module, Drupal...

edk2 security update

20241117-4.0.1.el97.3 - Replace upstream references Orabug:36569119 20241117-4.el97.3 - edk2-OvmfPkg-MemEncryptSevLib-Evict-cache-lines-during-SN.patch RHEL-125104 - edk2-MdePkg-Add-the-COHERENCYSFWNO-CPUID-bit-field.patch RHEL-125104 -...

DRUPAL-CONTRIB-2026-010

This module enables you to integrate and manage icons with Drupal. The module doesn't sufficiently sanitize user input leading to a reflected Cross-site Scripting XSS vulnerability. The vulnerability is mitigated by the fact that in order to be vulnerable, the "UI Icons for CKEditor 5" submodule...

USN-8012-1 gh vulnerabilities

It was discovered that GitHub CLI could behave unexpectedly if users downloaded a malicious GitHub Actions workflow artifact through gh run download. An attacker could possibly use this issue to create or overwrite files in unintended directories. CVE-2024-54132 It was discovered that GitHub CLI...

Exploit for Interpretation Conflict in Git-Scm Git

CVE-2025-48384 PoC This repository demons...

Exploit for Link Following in Git-Scm Git

PoC for CVE-2025-48384 This is a POC. Don't download it in...

Security Bulletin: NVIDIA NeMo Agent Toolkit - November 2025

NVIDIA has released a software update for NVIDIA® NeMo Agent Toolkit. To protect your system, clone or update this software to version 1.3.0 or later from NVIDIA GitHub. The affected sub-module is https://github.com/NVIDIA/NeMo-Agent-Toolkit-UI. Go to NVIDIA Product Security. To protect your...

Exploit for Link Following in Git-Scm Git

PoC for CVE-2025-48384 See CVE-2025-48384https://dgl.cx/20...

EulerOS 2.0 SP11 : git (EulerOS-SA-2025-2224)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full...

EUVD-2019-9219

Malware in sbrugna...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: git (UTSA-2025-984661)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984661 advisory. Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals...

EUVD-2025-29711

Malicious code in bioql PyPI...

EUVD-2025-20677

Malicious code in bioql PyPI...

EUVD-2022-42883

Malicious code in bioql PyPI...

CVE-2025-11163

The SmartCrawl SEO checker, analyzer & optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updatesubmodule function in all versions up to, and including, 3.14.3. This makes it possible for authenticated attackers, with...

CVE-2025-11163

The SmartCrawl SEO checker, analyzer & optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updatesubmodule function in all versions up to, and including, 3.14.3. This makes it possible for authenticated attackers, with...

CVE-2025-11163

The CVE-2025-11163 entry concerns the SmartCrawl SEO checker, analyzer & optimizer WordPress plugin. It reports a Missing Authorization to Plugin Settings Update vulnerability in all versions up to 3.14.3, enabling authenticated attackers with Subscriber-level access and above to modify the plugi...

PT-2025-39960

Name of the Vulnerable Software and Affected Versions SmartCrawl SEO plugin for WordPress versions prior to 3.14.4 Description The SmartCrawl SEO plugin for WordPress has an issue where data can be modified without authorization. This is due to a missing capability check within the update submodu...

WordPress plugin SmartCrawl 访问控制错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. An access...

Exploit for Link Following in Git

💥 CVE-2024-32002 – Git Submodule Path Injection PoC 🧠 Visã...