23 matches found
ROOT-OS-DEBIAN-12-CVE-2025-68732 CVE-2025-68732 in rootio-linux - Patched by Root
Root has patched CVE-2025-68732 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2025-8177 CVE-2025-8177 in rootio-tiff - Patched by Root
Root has patched CVE-2025-8177 in the rootio-tiff package for Root:Debian:11. Multiple fixed versions available...
CVE-2025-50001
creationtimestamp| type| source ---|---|--- 2026-03-19 12:33:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhfz4u2j5q2k...
CVE-2025-71202
A flaw was found in the Linux kernel. This vulnerability, an IOMMU SVA Input/Output Memory Management Unit Shared Virtual Addressing coherency issue, affects x86 systems. An unprivileged local user can trigger this by causing the kernel to free and reuse page table memory, while the IOMMU retains...
CVE-2025-71008
creationtimestamp| type| source ---|---|--- 2026-01-29 17:14:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdlbzjwwnr26...
CVE-2025-14429 WordPress AeroLand theme <= 1.6.6 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove AeroLand aeroland allows PHP Local File Inclusion.This issue affects AeroLand: from n/a through = 1.6.6...
-fides-amor-et-lux (=1.0.0), 20_nogo (>=1.0.0 <=1.1.4) +1075 more potentially affected by CVE-2025-66031 via node-forge (>=1.0.0 <=1.3.1)
node-forge NPM version =1.0.0, =1.0.0, =7.10.2-para-beta.0, =1.3.0-patch.0, =1.1.0, =1.2.1, =1.0.0, =1.2.6, =1.23.2, =3.0.0-alpha.0, =3.1.0, =3.12.0-rc.0 and more Source cves: CVE-2025-66031 Source advisory: SNYK:JS-NODEFORGE-14125745...
CVE-2025-66262
creationtimestamp| type| source ---|---|--- 2025-11-26 04:16:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6iyonclsl2q 2025-11-26 05:02:33+00:00| seen| https://infosec.exchange/users/offseq/statuses/115614243355234711 2025-11-26 05:02:34+00:00| seen|...
CVE-2025-62209
creationtimestamp| type| source ---|---|--- 2025-11-11 17:29:38+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2025-0358 2025-11-11 17:30:42+00:00| seen| https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review...
EUVD-2025-37651
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to cause unexpected system termination or read kernel memory...
CVE-2025-40092
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Refactor bind path to use free After an bind/unbind cycle, the ncm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
CVE-2025-5717
creationtimestamp| type| source ---|---|--- 2025-10-28 08:30:14+00:00| seen| https://bsky.app/profile/campuscodi.risky.biz/post/3m4ajdlmjh22f 2025-10-29 02:19:23+00:00| seen| https://bsky.app/profile/pmloik.bsky.social/post/3m4cf3fla3u2m...
CVE-2025-61881
...
CVE-2025-39872
In the Linux kernel, the following vulnerability has been resolved: hsr: hold rcu and dev lock for hsrgetportndev hsrgetportndev calls hsrforeachport, which need to hold rcu lock. On the other hand, before return the port device, we need to hold the device reference to avoid UaF in the caller...
CVE-2025-39883
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix VMBUGONPAGEPagePoisonedpage when unpoison memory When I did memory failure tests, below panic occurs: page dumped because: VMBUGONPAGEPagePoisonedpage kernel BUG at include/linux/page-flags.h:616! Oops:...
WordPress Compress Then Upload plugin < 1.0.5 - Admin+ Arbitrary File Upload vulnerability
Admin+ Arbitrary File Upload vulnerability discovered by Muhammed Çelik in WordPress Plugin Compress Then Upload versions 1.0.5...
WordPress Vibes plugin <= 2.2.0 - Unauthenticated SQL Injection via `resource` Parameter vulnerability
Unauthenticated SQL Injection via resource Parameter vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Vibes versions = 2.2.0...
aeiou (>=0.0.12 <=0.0.21), aistore (>=1.4.23 <=1.8.0) +200 more potentially affected by CVE-2025-23294 via webdataset (>=0.1.103 <=1.0.2)
webdataset PYPI version =0.1.103, =0.0.12, =1.4.23, =1.0.0, =0.0.1, =1.0.2.1, =1.0.0, =0.1.1a1, =0.1.0, =0.0.13, =1.0.3, =0.0.1.dev6, =0.4.0 and more Source cves: CVE-2025-23294 Source advisory: SNYK:PYTHON-WEBDATASET-12089391...
CVE-2025-54395
Netwrix Directory Manager formerly Imanami GroupID 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data...
CVE-2025-62830
...