461 matches found
CVE-2023-39667
D-Link DIR-868L fwrevA1-12eumulti20170316 was discovered to contain a buffer overflow via the param2 parameter in the FUN0000acb4 function...
CVE-2023-5266
A vulnerability, which was classified as critical, was found in DedeBIZ 6.2. This affects an unknown part of the file /src/admin/tagsmain.php. The manipulation of the argument ids leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...
CVE-2022-42937
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process...
CVE-2020-29164
PacsOne Server PACS Server In One Box below 7.1.1 is affected by cross-site scripting XSS...
I’m done preparing the slides for my talk about Vulristics at PHDays
I 'm done preparing the slides for my talk about Vulristics at PHDays. I'll be speaking on the last day of the festival - Saturday, May 24, at 16:00 in Popov Hall 25. If you're there at that time, I'd be glad to see you. If not - join online! I'll have an hour to dive into Vulristics, vulnerabili...
WordPress Magic Responsive Slider and Carousel WordPress plugin < 1.6 - SQL Injection Vulnerability
SQL Injection Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Magic Responsive Slider and Carousel WordPress versions 1.6...
CVE-2025-0688
CVE-2025-0688 affects the WordPress plugin Spiritual Gifts Survey (and S.H.A.P.E. survey) versions ≤ 0.9.10. The vulnerability arises because a parameter is not sanitized/escaped before being echoed in the page, producing a reflected XSS. Exploitation could impact unauthenticated users and is des...
CVE-2022-49840
In the Linux kernel, the following vulnerability has been resolved: bpf, testrun: Fix alignment problem in bpfprogtestrunskb We got a syzkaller problem because of aarch64 alignment fault if KFENCE enabled. When the size from user bpf program is an odd number, like 399, 407, etc, it will cause the...
CVE-2025-4125
creationtimestamp| type| source ---|---|--- 2025-04-30 10:00:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnzjxxfrut2r 2025-04-30 12:03:33+00:00| seen| https://t.me/cvedetector/24074 2025-04-30 13:13:33+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14022...
PT-2025-22428 · Ооо "Юзергейт" · Usergate Log Analyzer +4
Уязвимость веб-сервиса xmlrpc программного обеспечения межсетевого экрана UserGate Next-Generation Firewall NGFW, единого центра управления UserGate Management Center UGMC, системы сбора логов UserGate Log Analyzer LogAn связана с недостаточной проверкой входных данных. Эксплуатация уязвимости...
CVE-2025-1763
creationtimestamp| type| source ---|---|--- 2025-04-24 20:00:47+00:00| seen| https://bsky.app/profile/getpokemon7.bsky.social/post/3lnliq7rlbk2f 2025-05-30 11:26:56+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqf4s7jkgda2...
ARCeR: an Agentic RAG for the Automated Definition of Cyber Ranges
The growing and evolving landscape of cybersecurity threats necessitates the development of supporting tools and platforms that allow for the creation of realistic IT environments operating within virtual, controlled settings as Cyber Ranges CRs. CRs can be exploited for analyzing vulnerabilities...
CVE-2025-27812
MSI Center before 2.0.52.0 allows TOCTOU Local Privilege Escalation...
PT-2025-15309
Name of the Vulnerable Software and Affected Versions: Skia affected versions not specified Description: An out-of-bounds write issue exists in the initializeSwizzler function within SkBmpStandardCodec.cpp due to a heap buffer overflow. This could lead to remote escalation of privilege without...
CVE-2025-32200
...
Linux Distros Unpatched Vulnerability : CVE-2012-2100
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ext4fillflexinfo function in fs/ext4/super.c in the Linux kernel before 3.2.2, on the x86 platform and unspecified other platforms, allows user-assisted...
Siemens SIMATIC Devices Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3635)
A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tsttimer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 ...
PT-2025-6943 · Schneider Electric · Connexium Network Manager
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A Files or Directories Accessible to External Parties issue exists over https, which could lead to information leakage and potential privilege escalation following a man-in-the-middle attack...
Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2025-1149)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-33019
Transient DOS while parsing the received TID-to-link mapping action frame...