11 matches found
CVE-2026-45990
In the Linux kernel, the following vulnerability has been resolved: slub: fix data loss and overflow in krealloc Commit 2cd8231796b5 "mm/slub: allow to set node and align in kvrealloc" introduced the ability to force a reallocation if the original object does not satisfy new alignment or NUMA nod...
EUVD-2017-13052
Malware in sbrugna...
EUVD-2025-6366
Malicious code in bioql PyPI...
EUVD-2022-1381
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-27080
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when detecting delalloc ranges during fiemap For fiemap we recently stopped...
CVE-2025-2789
The MultiVendorX – Empower Your WooCommerce Store with a Dynamic Multivendor Marketplace – Build the Next Amazon, eBay, Etsy plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deletetablerateshippingrow function in all versions up to, and...
Unspecified Vulnerability in Lunary
Lunary is Lunary open source a production toolkit for LLM . A security vulnerability exists in Lunary versions prior to 1.5.9, which stems from a security issue in /v1/evaluators/endpoints, and can be exploited by an attacker to delete evaluator data, resulting in permanent data loss and potentia...
CVE-2025-29768
Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim...
PT-2024-37250 · Imartinez · Privategpt
Name of the Vulnerable Software and Affected Versions: imartinez/privategpt version 0.5.0 Description: A Cross-Site Request Forgery CSRF issue allows an attacker to delete all uploaded files on the server, leading to data loss and service disruption for the application's users. Recommendations: F...
CVE-2024-3761 Missing Authorization on Delete Datasets in lunary-ai/lunary
In lunary-ai/lunary version 1.2.2, the DELETE endpoint located at packages/backend/src/api/v1/datasets is vulnerable to unauthorized dataset deletion due to missing authorization and authentication mechanisms. This vulnerability allows any user, even those without a valid token, to delete a datas...
PostgreSQL VACUUM command allows unprivileged user to remove database transaction log data
Overview The PostgreSQL VACUUM command contains a vulnerability that allows an unprivileged user to remove database transaction log data. This may result in unrecoverable data loss. Description PostgreSQL is a database management system. The PostgreSQL VACUUM command is used to clean out records...