Doctor Appointment System 1.0 - SQL Injection

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter. id: CVE-2021-27320 info: name: Doctor Appointment System 1.0 - SQL Injection author: theamanrawat severity: high description: | Blind S...

Craft CMS - Remote Code Execution via Template Path Manipulation

This template identifies a critical Remote Code Execution RCE vulnerability in Craft CMS, identified as GHSA-2p6p-9rc9-62j9. The vulnerability exists due to improper handling of the --templatesPath query parameter, allowing attackers to execute arbitrary code by referencing malicious Twig...

WordPress Site Editor <=1.1.1 - Local File Inclusion

WordPress Site Editor through 1.1.1 allows remote attackers to retrieve arbitrary files via the ajaxpath parameter to editor/extensions/pagebuilder/includes/ajaxshortcodepattern.php. id: CVE-2018-7422 info: name: WordPress Site Editor =1.1.1 - Local File Inclusion author: LuskaBol,0x240x23elu...

CVE-2026-46225

In the Linux kernel, the following vulnerability has been resolved: spi: rspi: fix controller deregistration Make sure to deregister the controller before releasing underlying resources like DMA during driver unbind...

Important: kernel-livepatch-6.12.74-98.124

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...

Exploit for CVE-2026-31431

copy-fail-CVE-2026-31431-C “copy-fail-CVE-2026-31431” is a p...

EUVD-2026-22947

HP System Optimizer might potentially be vulnerable to escalation of privilege. HP is releasing an update to mitigate this potential vulnerability...

EUVD-2026-22092

A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious actor with access to the UniFi Play network. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation: Update UniFi Play...

EUVD-2026-14817

Mitigation bypass in the Networking: HTTP component. This vulnerability affects Firefox 149 and Firefox ESR 140.9...

NVIDIA GPU Display Driver January 2026 Security Update

NVIDIA has informed HP of potential security vulnerabilities identified in the NVIDIA® GPU Display Driver for Windows, which might allow code execution, escalation of privileges, data tampering, denial of service, and information disclosure. NVIDIA has released updates to mitigate these...

EUVD-2026-5582

Semantic Kernel is an SDK used to build, orchestrate, and deploy AI agents and multi-agent systems. Prior to 1.70.0, an Arbitrary File Write vulnerability has been identified in Microsoft's Semantic Kernel .NET SDK, specifically within the SessionsPythonPlugin. The problem has been fixed in...

CVE-2025-6597

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/auth/AuthManager.Php. This issue affects MediaWiki: from before 1.39.13, 1.42.7, 1.43.2, 1.44.0...

Advanced Vulnerability Scanning for Open Source Software: Detection and Mitigation of Log4j Vulnerabilities

Automated detection of software vulnerabilities remains a critical challenge in software security. Log4j is an industrial-grade Java logging framework listed as one of the top 100 critical open source projects. On Dec. 10, 2021 a severe vulnerability Log4Shell was disclosed before being fully...

CVE-2022-50815 ext2: Add sanity checks for group and filesystem size

In the Linux kernel, the following vulnerability has been resolved: ext2: Add sanity checks for group and filesystem size Add sanity check that filesystem size does not exceed the underlying device size and that group size is big enough so that metadata can fit into it. This avoid trying to mount...

Agentic AI for Autonomous Defense in Software Supply Chain Security: Beyond Provenance to Vulnerability Mitigation

The software supply chain attacks are becoming more and more focused on trusted development and delivery procedures, so the conventional post-build integrity mechanisms cannot be used anymore. The available frameworks like SLSA, SBOM and in toto are majorly used to offer provenance and traceabili...

Vulnerabilites

Vendor Acknowledgment & Coordination...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989645)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989645 advisory. In the Linux kernel, the following vulnerability has been resolved: net/rds: fix possible cp null dereference cp might be null, calling cp-cpconn would produce null...

CVE-2025-43017

HP ThinPro 8.1 System management application failed to verify user's true id. HP has released HP ThinPro 8.1 SP8, which includes updates to mitigate potential vulnerabilities...

EUVD-2019-13124

Malware in sbrugna...

EUVD-2018-0794

Malware in sbrugna...