EUVD-2020-14924

Malware in sbrugna...

EUVD-2024-32546

Malicious code in bioql PyPI...

CVE-2025-25763

CVE-2025-25763 affects crmeb CRMEB-KY before/including v5.4.0. The issue is a SQL injection in the getRead() function of /system/SystemDatabackupServices.php, caused by unsafely constructed queries. CVSSv3.1 base score 9.8 (Network, Low attack complexity, No privileges, No user interaction) with ...

CVE-2024-43705 GPU DDK - Security: Exploitable PVRSRVBridgePhysmemWrapExtMem may lead to overwrite read-only file/memory (e.g. libc.so)

Software installed and run as a non-privileged user can trigger the GPU kernel driver to write to arbitrary read-only system files that have been mapped into application memory...

Unspecified Vulnerability in Microsoft Win32K (CNVD-2024-24945)

Microsoft Win32k is a system file for Windows multi-user management from Microsoft USA. A security vulnerability exists in Microsoft Win32K. An attacker could exploit the vulnerability to cause elevation of privilege...

Path traversal

U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file...

SQL Injection Vulnerability in LJCMS us***.php File

LJCMS is a free and open source content management system. A SQL injection vulnerability exists in the LJCMS us.php file. An attacker can exploit the vulnerability to obtain sensitive database information...

Solaris 2.7/2.8 Catman - Local Insecure tmp Symlink

!/usr/local/bin/perl -w The problem is catman creates files in /tmp insecurly. They are based on the PID of the catman process, catman will happily clobber any files that are symlinked to that file. The idea of this script is to create a block of symlinks to the target file with the current PID a...