458 matches found
CVE-2025-20614
CVE-2025-20614 concerns Intel’s CIP software prior to WIN_DCA_2.4.0.11001, where external control of a file name or path in Ring 3 user applications may enable privilege escalation. The description across connected sources states an unprivileged software adversary with a privileged user and a low...
EUVD-2025-60961
The Skip to Timestamp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'skipto' shortcode in all versions up to, and including, 1.4.4. This is due to insufficient input sanitization and output escaping on the 'time' attribute. This makes it possible for authenticated...
CVE-2025-5946
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Centreon Infra Monitoring Poller reload setup in the configuration modules allows OS Command Injection. On the poller parameters page, a user with high privilege is able to concatenate custom...
EUVD-2017-8015
Malware in sbrugna...
POCFORGE
AutoPoC Automatical...
EUVD-2024-20951
Malicious code in bioql PyPI...
EUVD-2025-5522
Malicious code in bioql PyPI...
EUVD-2024-38086
Malicious code in bioql PyPI...
EUVD-2024-38098
Malicious code in bioql PyPI...
PT-2025-40270
Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 9.4.4 Splunk Enterprise versions prior to 9.3.6 Splunk Enterprise versions prior to 9.2.8 Splunk Cloud Platform versions prior to 9.3.2411.109 Splunk Cloud Platform versions prior to 9.3.2408.119 Splunk Clou...
CVE-2025-9083 Ninja-forms < 3.11.1 - Unauthenticated PHP Objection
The Ninja Forms WordPress plugin before 3.11.1 unserializes user input via form field, which could allow Unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog...
BELL-CVE-2025-39806
Bulletin has no description...
CVE
CV...
Microsoft Sharepoint Remote Code Execution Vulnerability (CNVD-2025-26724)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code executi...
CVE-2025-48538
In setApplicationHiddenSettingAsUser of PackageManagerService.java, there is a possible way to hide a system critical package due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitatio...
UBUNTU-CVE-2025-53853
A heap-based buffer overflow vulnerability exists in the ISHNE parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted ISHNE ECG annotations file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this...
Huawei EulerOS: Security Advisory for iputils (EulerOS-SA-2025-1992)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Username Enumeration
github.com/openbao/openbao is vulnerable to user enumeration. The vulnerability is due to timing differences in the userpass authentication method between non-existent users and users with stored credentials, which allows an attacker to enumerate valid usernames regardless of password validity...
CVE-2025-8581
Inappropriate implementation in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2025-38475
In the Linux kernel, the following vulnerability has been resolved: smc: Fix various oops due to inetsock type confusion. syzbot reported weird splats 01 in cipsov4socksetattr while freeing inetsksk-inetopt. The address was freed multiple times even though it was read-only memory...