PT-2025-16760

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.14.0-rc1-next-20250206-xfstests-dirty 726 Description A vulnerability in the Linux kernel has been resolved, which could cause a hung task if ext4 inode attach jinode fails in ext4 setattr. This failure prevent...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to user space via taskwork. However, failures during the addition of an event’s callback to the...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46798)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46798 advisory. - In the Linux kernel, the following vulnerability has been resolved: ASoC: dapm: Fix UAF for sndsocpcmruntime...

CVE-2025-0982

Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript...

SQL Injection

Overview yascheduler is a Yet another computing scheduler and cloud orchestration engine Affected versions of this package are vulnerable to SQL Injection in the queuesubmittask function. Remediation Upgrade yascheduler to version 1.0.7 or higher. References - GitHub Commit...

CVE-2025-0982

Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript...

CVE-2025-0982 Sandbox Escape in Google Cloud Application Integration's JavaScript Task (Rhino Engine)

Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript...

CVE-2025-0982

CVE-2025-0982 : Sandbox escape in Google Cloud Application Integration’s JavaScript Task (Rhino engine). The exploit would require crafted JavaScript code run by Rhino. Effective January 24, 2025, Rhino is no longer supported by Application Integration, and no further fix actions are needed. The ...

CVE-2025-0846

A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/AdminLogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2025-0847

A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /index.php of the component Login. The manipulation of the argument email leads to sql injection. The attack can be initiated...

Google Cloud Platform 安全漏洞

Google Cloud Platform is a cloud computing platform from Google that provides services such as cloud computing, data storage, data analytics and machine learning. A security vulnerability exists in Google Cloud Platform, which stems from a sandbox escape in the JavaScript Task function that allow...

PT-2025-5810 · Google · Google Cloud Application Integration

Name of the Vulnerable Software and Affected Versions: Google Cloud Application Integration affected versions not specified Description: A sandbox escape issue in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted...

CVE-2024-52374

Unrestricted Upload of File with Dangerous Type vulnerability in DoThatTask Do That Task do-that-task allows Upload a Web Shell to a Web Server.This issue affects Do That Task: from n/a through = 1.5.5...

CVE-2024-6653

A vulnerability was found in code-projects Simple Task List 1.0. It has been declared as critical. This vulnerability affects unknown code of the file loginForm.php of the component Login. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The...

CVE-2024-2571

A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage-admin.php. The manipulation leads to execution after redirect. The attack can be initiated remotely. The exploit has been...

CVE-2024-2575

A vulnerability, which was classified as critical, has been found in SourceCodester Employee Task Management System 1.0. Affected by this issue is some unknown functionality of the file /task-details.php. The manipulation of the argument taskid leads to authorization bypass. The attack may be...

CVE-2024-2572

A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /task-details.php. The manipulation leads to execution after redirect. The attack may be initiated remotely. The exploit has been...

MAL-2025-1132 Malicious code in hire-task (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c290018cf38e83059255d39fb3be4583fdc5dafbdc157034cda22edd1c80893 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in hire-task (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c290018cf38e83059255d39fb3be4583fdc5dafbdc157034cda22edd1c80893 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PT-2025-20511

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A issue in the Linux kernel has been identified where the task management thread accesses an invalid queue ID, set by the reset thread, which points to unallocated memory, causing a cras...