28 matches found
CVE-2025-71225
A race condition flaw was found in the Linux kernel's MD RAID1 driver. When updating the raid_disks count via sysfs during concurrent I/O errors, the freeze_array function may return before all queued r1bio structures are released. This can cause free_r1bio to access memory out of bounds and...
CVE-2025-67645

creationtimestamp | type | source
---|---|---
2026-01-28 00:52:35+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mdh2nxqvfl22
2026-01-28 01:32:31+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mdh4vf33q22g...

CVE-2025-58923

creationtimestamp | type | source
---|---|---
2026-01-20 20:22:11+00:00 | seen | Telegram/0xDArAX3HG3crsZxcgbRQEYLhb2wCsLIArjPpvex34-6k...

CVE-2025-68325
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop In cake_drop, qdisc_tree_reduce_backlog is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cake_enqueue, assumes that the parent qdisc will enqueue t...
CVE-2025-43523

creationtimestamp | type | source
---|---|---
2025-12-12 23:12:18+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m7t7mcvrjb2q...

CVE-2025-63067

creationtimestamp | type | source
---|---|---
2025-12-09 15:25:37+00:00 | seen | https://gist.github.com/Darkcrai86/7a2852d294125071f4b18d7e51d4847d...

CLSA-2025-1764028069 sssd: Fix of CVE-2025-11561
CVE-2025-11561: prevent unexpected Kerberos principal-to-account mappings when SSSD's localauth plugin cannot resolve a principal...
EUVD-2025-120826
Malicious code in venus-avior-hugo-epimetheus npm...
EUVD-2025-37821
EUVD-2025-37821...
CVE-2025-59297

creationtimestamp | type | source
---|---|---
2025-10-07 10:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-25-280-01
2025-10-27 04:00:00+00:00 | seen | http://www.zerodayinitiative.com/advisories/ZDI-25-969/...

CVE-2025-57971

creationtimestamp | type | source
---|---|---
2025-09-24 15:52:47+00:00 | seen | Telegram/Mf5ZzbFrwBc0zhQhV5HHZ9w0RKRuqK61Tvmq7zxG2kpvM...

RHEL 8 : udisks2 (RHSA-2025:16121)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16121 advisory. The Udisks project provides a daemon, tools, and libraries to access and manipulate disks, storage devices, and technologies. Security Fixes: udisks...
Linux Distros Unpatched Vulnerability : CVE-2025-37932
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sch_htb: make htb_qlen_notify idempotent htb_qlen_notify always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore...
CVE-2025-6737
Securden’s Unified PAM Remote Vendor Gateway access portal shares infrastructure and access tokens across multiple tenants. A malicious actor can obtain authentication material and access the gateway server with low-privilege permissions...
WordPress Accessibility Checker by Equalize Digital Plugin <= 1.30.0 - Insecure Direct Object References (IDOR) Vulnerability
Insecure Direct Object References (IDOR) Vulnerability discovered by n0arafatn0 in WordPress Plugin Accessibility Checker by Equalize Digital versions <= 1.30.0...
WordPress Spacious Theme <= 1.9.11 is vulnerable to Broken Access Control
Software: Spacious; Type: Theme; Vulnerable versions: <= 1.9.11; Fixed in: 1.9.12; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2025-9331; Patch priority: Low; CVSS severity: Low 4.3; PSID: bca30fd3c674; Credits: Dmitrii Ignatyev; Required privilege...
CVE-2025-57754

creationtimestamp | type | source
---|---|---
2025-08-21 18:18:47+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lwwkjgkgq227
2025-08-22 06:03:49+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3lwxrw3cuim24...

CVE-2025-38554
In the Linux kernel, the following vulnerability has been resolved: mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped By inducing delays in the right places, Jann Horn created a reproducer for a hard to hit UAF issue that became possible after VMAs were allowed to be recycled by...
CVE-2025-8972
A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-9051
A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...