ROOT-OS-UBUNTU-2404-CVE-2025-38334 CVE-2025-38334 in rootio-linux - Patched by Root

Root has patched CVE-2025-38334 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

CVE-2023-4591

A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion LFI via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the...

“I too like to live dangerously”, Accidentally Finding RCE in Signal Desktop via HTML Injection in Quoted Replies

Remediation TL;DR If you’re a concerned Signal user please update to the latest version of Signal Desktop fixed in version v1.11.0 which addresses all of these issues. Note that the mobile apps for Signal were not affected by this issue. Background Information If you’re an avid follower of all th...

DiscuzX1.5 门户管理权限SQL注入漏洞

简要描述： DiscuzX1.5 门户管理权限SQL注入漏洞 详细说明： DiscuzX1.5 门户管理权限SQL注入漏洞 详细说明： source\include\portalcp\portalcparticle.php //90行 if$G'gpconver' $converfiles = unserializestripcslashes$G'gpconver'; $setarr'pic' = $converfiles'pic'; $setarr'thumb' = $converfiles'thumb'; $setarr'remote' = $converfiles'remote';...