1270 matches found

OSV
added 2025/08/11 1:53 p.m. · 3 views

BIT-LIBPHP-2021-21708 UAF due to php_filter_float() failing

In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result in crashes, and potentially in...

CVSS 9.8 · AI score 6.9 · EPSS 0.03002
Exploits 1 · References 4

Tenable Nessus
added 2025/08/09 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2025-22001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix integer overflow in qaic_validate_req These are u64 variables that come from t...

CVSS 5.5 · AI score 6.2 · EPSS 0.00155
Exploits 0 · References 2

BDU FSTEC
added 2025/07/28 12:0 a.m. · 2 views

The vulnerability of the `create_validate_stream_for_sink()` function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the create_validate_stream_for_sink function in the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 · AI score 6.2 · EPSS 0.00155
Exploits 0 · References 8 · Affected Software 4

OSV
added 2025/07/25 1:15 p.m. · 1 views

UBUNTU-CVE-2025-38366

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Check validity of "num_cpu" from user space The maximum supported cpu number is EIOINTC_ROUTE_MAX_VCPUS about irqchip EIOINTC, here add validation about cpu number to avoid array pointer overflow...

CVSS 7.8 · AI score 5.8 · EPSS 0.00138
Exploits 0 · References 5

OSV
added 2025/07/25 12:47 p.m. · 3 views

CVE-2025-38366 LoongArch: KVM: Check validity of "num_cpu" from user space

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Check validity of "num_cpu" from user space The maximum supported cpu number is EIOINTC_ROUTE_MAX_VCPUS about irqchip EIOINTC, here add validation about cpu number to avoid array pointer overflow...

CVSS 7.8 · AI score 6.5 · EPSS 0.00138
Exploits 0 · References 5

CNNVD
added 2025/07/25 12:0 a.m. · 1 views

Salesforce Tableau Server Security Vulnerability

Salesforce Tableau Server is a data visualization and analytics platform from Salesforce, Inc. A security vulnerability exists in Salesforce Tableau Server versions prior to 2025.1.3, prior to 2024.2.12, and prior to 2023.3.19, which stems from insufficient validation of the validate-initial-sql...

CVSS 8.1 · AI score 6.3 · EPSS 0.00321
Exploits 0 · References 2

Positive Technologies
added 2025/07/21 12:0 a.m. · 3 views

PT-2025-30339 · Dippy · Dippy

Name of the Vulnerable Software and Affected Versions: Dippy version 2. Description: An Insecure Direct Object Reference (IDOR) vulnerability exists in Dippy that allows attackers to gain sensitive information. The vulnerability is present in the conversation history API endpoint and is exploitable...

CVSS 7.5 · AI score 6.6 · EPSS 0.00418
Exploits 0 · References 3

Positive Technologies
added 2025/07/17 12:0 a.m. · 2 views

PT-2025-29936 · Unknown · Nbcio-Boot

Name of the Vulnerable Software and Affected Versions: nbcio-boot version 1.0.3 Description: nbcio-boot version 1.0.3 contains a SQL injection issue via the userIds parameter at the /sys/user/deleteRecycleBin API endpoint. Recommendations: nbcio-boot version 1.0.3: Sanitize or validate the userId...

CVSS 9.8 · AI score 7.2 · EPSS 0.00331
Exploits 0 · References 7

Packet Storm
added 2025/07/16 12:0 a.m. · 161 views

📄 Langflow 1.2.x Remote Code Execution

Langflow exposes a vulnerable endpoint /api/v1/validate/code that improperly evaluates arbitrary Python code via the exec function. An unauthenticated remote attacker can execute arbitrary system commands. Versions 1.2.x and below are affected.

CVSS 9.8 · AI score 8.3 · EPSS 0.99959
Exploits 33

Positive Technologies
added 2025/07/13 12:0 a.m. · 8 views

PT-2025-29391 · Unknown · Campcodes Online Movie Theater Seat Reservation System

Name of the Vulnerable Software and Affected Versions: Campcodes Online Movie Theater Seat Reservation System version 1.0 Description: A critical issue exists in Campcodes Online Movie Theater Seat Reservation System version 1.0. The save movie function within the /admin/admin class.php file is...

CVSS 9.8 · AI score 7.2 · EPSS 0.00433
Exploits 1 · References 10

OSV
added 2025/07/07 5:57 p.m. · 50 views

CVE-2025-53536 Roo Code allows Potential Remote Code Execution via .vscode/settings.json

Roo Code is an AI-powered autonomous coding agent. Prior to 3.22.6, if the victim had "Write" auto-approved, an attacker with the ability to submit prompts to the agent could write to VS Code settings files and trigger code execution. There were multiple ways to achieve that. One example is with...

CVSS 8.1 · AI score 7.8 · EPSS 0.00656
Exploits 0 · References 5

Debian CVE
added 2025/07/04 1:37 p.m. · 4 views

CVE-2025-38230

In the Linux kernel, the following vulnerability has been resolved: jfs: validate AG parameters in dbMount to prevent crashes Validate db_agheight, db_agwidth, and db_agstart in dbMount to catch corrupted metadata early and avoid undefined behavior in dbAllocAG. Limits are derived from L2LPERCTL,...

CVSS 7.8 · AI score 6.2 · EPSS 0.00157
Exploits 0

OSV
added 2025/07/03 9:15 a.m. · 0 views

UBUNTU-CVE-2025-38098

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Don't treat wb connector as physical in create_validate_stream_for_sink Don't try to operate on a drm_wb_connector as an amdgpu_dm_connector. While dereferencing aconnector->base will "work" it's wrong and might lead to...

CVSS 5.5 · AI score 5.7 · EPSS 0.00155
Exploits 0 · References 29

OSSF Malicious Packages
added 2025/07/03 7:18 a.m. · 3 views

Malicious code in poseidon-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 90aead430e86dd9f204e1a8db7e6adb050c5eeae8a938c3d570991ebac4c8ac4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits 0 · References 3

OSV
added 2025/07/03 7:18 a.m. · 2 views

MAL-2025-5608 Malicious code in poseidon-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 90aead430e86dd9f204e1a8db7e6adb050c5eeae8a938c3d570991ebac4c8ac4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0 · References 3

OSSF Malicious Packages
added 2025/06/27 3:27 p.m. · 1 views

Malicious code in validate-rb (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7975ebc737a4c604d0d25ee00a187fde74d2442953ec305c57c738ebd4cdedcd The OpenSSF Package Analysis project identified 'validate-rb' @ 1.0.0...

AI score 6.9
Exploits 0

OSV
added 2025/06/27 3:27 p.m. · 3 views

MAL-2025-5294 Malicious code in validate-rb (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7975ebc737a4c604d0d25ee00a187fde74d2442953ec305c57c738ebd4cdedcd The OpenSSF Package Analysis project identified 'validate-rb' @ 1.0.0...

AI score 7.1
Exploits 0

Packet Storm News
added 2025/06/27 12:0 a.m. · 1 views

Reliability Analysis of Smart Contract Execution Architectures: a Comparative Simulation Study

The industrial market continuously needs reliable solutions to secure autonomous systems. Especially as these systems become more complex and interconnected, reliable security solutions are becoming increasingly important. One promising solution to tackle this challenge is using smart contracts...

AI score 7.3
Exploits 0

OSV
added 2025/06/25 9:27 p.m. · 3 views

GHSA-GJV3-89HH-9XQ2 RISC Zero Ethereum invalid commitment with digest value of zero accepted by Steel.validateCommitment

Impact: Prior to 2.1.1 and 2.2.0, the Steel.validateCommitment Solidity library function will return true for a crafted commitment with a digest value of zero. This violates the semantics of validateCommitment, as this does not commit to a block that is in the current chain. Because the digest...

CVSS 6.3 · AI score 7 · EPSS 0.00349
Exploits 0 · References 9

RedHat Linux
added 2025/06/25 12:46 a.m. · 6 views

kernel: netfilter: nf_tables: prefer nft_chain_validate

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prefer nft_chain_validate nft_chain_validate already performs loop detection because a cycle will result in a call stack overflow (ctx->level >= NFT_JUMP_STACK_SIZE). It also follows maps via ->validate callback in...

CVSS 7.8 · AI score 6.8 · EPSS 0.0032
Exploits 0 · References 5