CVE-2025-63638

The CVE-2025-63638 entry corresponds to a Cross-Site Scripting (XSS) vulnerability in Sourcecodester AI-Powered To-Do List App v1.0. According to multiple sources (NVD, Red Hat, ENISA/EUVD, CVE/CVEList, CNNVD), the flaw affects the Task Title and the Description (Optional) fields when creating a ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990620)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990620 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hungtask for PADATARESET We found a hungtask bug in testaeadveccfg as...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990578)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990578 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix abort all task initialization In pm80xxsendabortall, the nelem field of the ccb...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990392)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990392 advisory. In the Linux kernel, the following vulnerability has been resolved: w1: fix WARNING after calling w1process I got the following WARNING message while removing...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989735)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989735 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix abort all task initialization In pm80xxsendabortall, the nelem field of the ccb...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989415)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989415 advisory. In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringupcpu To hot unplug a CPU, the idle task on that CPU...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990055)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990055 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted SSP/STP sastask Currently a use-after-free may occur...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989183)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989183 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Guard against accessing NULL ptregs in bpfgettaskstack taskptregs can return NULL on powerpc...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989928)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989928 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix abort all task initialization In pm80xxsendabortall, the nelem field of the ccb...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989673)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989673 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix task leak in pm8001sendabortall In pm8001sendabortall, make sure to free the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988710)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988710 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sastask Currently a use-after-free may occur if ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989843)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989843 advisory. In the Linux kernel, the following vulnerability has been resolved: m68k: Fix spinlock race in kernel thread creation Context switching does take care to retain the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989182)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989182 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/proc: taskmmu.c: don't read mapcount for migration entry The syzbot reported the below BUG:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989636)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989636 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix refcount issue when LOGO is received during TMF Hung task call trace was seen...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989638)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989638 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix tag leaks on error In pm8001chipsetdevstatereq, pm8001chipfwflashupdatereq,...

New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea

The North Korea-linked threat actor known as Kimsuky has distributed a previously undocumented backdoor codenamed HttpTroy as part of a likely spear-phishing attack targeting a single victim in South Korea. Gen Digital, which disclosed details of the activity, did not reveal any details on when t...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: sched/ext: Fixed invalid task state transitions during class switching. When enabling the schedext scheduler, it is possible to trigger invalid task state transitions, resulting in warnings like the following which can be easily...

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: x86/iopl: Fixed inconsistencies in TIFIOBITMAP The function iobitmapexit is called from exitthread, when a task exists or when a fork fails. In the latter case, exitthread cleans up resources that were allocated during fork...

Windows Persistent Task Scheduler

This module establishes persistence by creating a scheduled task to run a payload. Module Options msf use exploit/windows/persistence/taskscheduler msf exploittaskscheduler show targets ...targets... msf exploittaskscheduler set TARGET msf exploittaskscheduler show options ...show and set...

📄 Windows Persistent Task Scheduler

This Metasploit module establishes persistence by creating a scheduled task to run a payload. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Persistent Task Scheduler', 'Description' =...