205 matches found
SUSE CVE-2025-39981
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible UAFs This attemps to fix possible UAFs caused by struct mgmtpending being freed while still being processed like in the following trace, in order to fix mgmtpendingvalid is introduce and use to check...
EUVD-2025-31842
A vulnerability was detected in JhumanJ OpnForm up to 1.9.3. Affected by this issue is some unknown functionality of the file /answer. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit is now public and may be used. The patch is identified as...
CVE-2023-53654
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Add validation before accessing cgx and lmac with the addition of new MAC blocks like CN10K RPM and CN10KB RPMUSX, LMACs are noncontiguous and CGX blocks are also noncontiguous. But during RVU driver initialization,...
EUVD-2021-23346
Malware in sbrugna...
EUVD-2020-27398
Malware in sbrugna...
EUVD-2020-24932
Malware in sbrugna...
EUVD-2022-27392
Malicious code in bioql PyPI...
EUVD-2022-55467
Malicious code in bioql PyPI...
EUVD-2021-7583
Malicious code in bioql PyPI...
EUVD-2024-1071
Malicious code in bioql PyPI...
EUVD-2023-24078
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-50205
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext2: Add more validity checks for inode counts Add checks verifying number of inodes stored in the superblock matches the number computed from number of inodes...
SUSE CVE-2025-38494
In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hidhwrawrequest hidhwrawrequest is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid...
PT-2025-27180 · Unknown · Slickstream
Name of the Vulnerable Software and Affected Versions: Slickstream versions n/a through 2.0.3 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This is a type of attack where an attacker tricks ...
PT-2025-26853
Name of the Vulnerable Software and Affected Versions Cisco ISE and Cisco ISE-PIC versions 3.4 Description A vulnerability exists in an internal API of Cisco ISE and Cisco ISE-PIC due to missing file validation checks. This allows an unauthenticated, remote attacker to upload arbitrary files to a...
Cisco Identity Services Engine (cisco-sa-ise-unauth-rce-ZAd2GnJ6)
According to its self-reported version, Cisco ISE is affected by a vulnerability. - A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying...
PT-2025-24118 · Faster Themes · Fasterthemes Fastbook
Name of the Vulnerable Software and Affected Versions: FasterThemes FastBook versions 1.1 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This is a type of attack where an attacker...
CVE-2024-48918
RDS Light is a simplified version of the Reflective Dialogue System RDS, a self-reflecting AI framework. Versions prior to 1.1.0 contain a vulnerability that involves a lack of input validation within the RDS AI framework, specifically within the user input handling code in the main module main.p...
CVE-2021-36758
1Password Connect server before 1.2 is missing validation checks, permitting users to create Secrets Automation access tokens that can be used to perform privilege escalation. Malicious users authorized to create Secrets Automation access tokens can create tokens that have access beyond what the...
CVE-2020-16162
An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. Missing validation checks on CRL presence or CRL staleness in the X509-based RPKI certificate-tree validation procedure allow remote attackers to bypass intended access restrictions by using revoked certificates...