CVE-2025-54636

Issue of buffer overflow caused by insufficient data verification in the kernel drop detection module. Impact: Successful exploitation of this vulnerability may affect availability...

Linux Distros Unpatched Vulnerability : CVE-2023-1382

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A data race flaw was found in the Linux kernel, between where con is allocated and con-sock is set. This issue leads to a NULL pointer dereference when accessin...

ROS-20250806-05

A vulnerability in the Job Invocation component of tfm-rubygem-foremanansible is related to data manipulation. Exploitation of the vulnerability could allow an attacker acting remotely to view the job invocation, searching for passwords and other sensitive data...

Linux Distros Unpatched Vulnerability : CVE-2024-27080

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when detecting delalloc ranges during fiemap For fiemap we recently stopped...

CVE-2025-8341

Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints. If the plugin was configured to allow only certain URLs, an attacker could bypass this...

CVE-2025-6730

The Bonanza – WooCommerce Free Gifts Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the xlooptincall function in all versions up to, and including, 1.0.0. This makes it possible for authenticated attackers, with Subscriber-level...

PT-2025-31320 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 macOS versions prior to 14.7.7 macOS versions prior to 13.7.7 Description: A flaw allows an application to potentially access protected user data due to a downgrade issue. This issue was addressed with additional...

PrompTrend: Continuous Community-Driven Vulnerability Discovery and Assessment for Large Language Models

Static benchmarks fail to capture LLM vulnerabilities emerging through community experimentation in online forums. We present PrompTrend, a system that collects vulnerability data across platforms and evaluates them using multidimensional scoring, with an architecture designed for scalable...

CVE-2025-54379

LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices. In versions before 2.2.1, there is a critical SQL Injection vulnerability in the getLast API functionality of the eKuiper project. This flaw allows unauthenticated remote...

CVE-2025-7884 Eluktronics Control Center REG File data authenticity

A vulnerability classified as problematic was found in Eluktronics Control Center 5.23.51.41. Affected by this vulnerability is an unknown functionality of the component REG File Handler. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack...

CVE-2025-40985 SQL Injection in SCATI Vision Web

SQL injection vulnerability in SCATI Vision Web of SCATI Labs from version 4.8 to 7.2. This vulnerability allows an attacker to exfiltrate some data from the database via the ‘login’ parameter in the endpoint ‘/scatevisionweb/index.php/loginForm’...

CVE-2025-53823

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Versions prior to 3.4.5 have a SQL Injection vulnerability in the endpoint /WeGIA/html/socio/sistema/processadeletarsocio.php, in the idsocio parameter. This vulnerability allows the execution...

CVE-2024-49783 IBM OpenPages with Watson information disclosure

IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data, they could exploit this vulnerability t...

CVE-2024-36350

A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information...

CVE-2025-3648

A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain conditional access control list ACL configurations, this vulnerability could enable unauthenticated and authenticated users to use range query requests to infer...

CVE-2025-3648

The CVE-2025-3648 entry concerns the Now Platform, where data could be inferred without authorization under certain conditional ACL configurations. The vulnerability allows unauthenticated and authenticated users to use range query requests to infer instance data not meant to be accessible. Techn...

TELSAFE: Security Gap Quantitative Risk Assessment Framework

Gaps between established security standards and their practical implementation have the potential to introduce vulnerabilities, possibly exposing them to security risks. To effectively address and mitigate these security and compliance challenges, security risk management strategies are essential...

CVE-2025-5987

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

CVE-2025-5987

CVE-2025-5987 affects libssh when using ChaCha20 with OpenSSL. Root cause: OpenSSL error codes alias with SSH_OK, causing libssh to miss detection of an error during ChaCha20-Poly1305 key setup, potentially leading to a partially initialized cipher context and undefined behavior that can compromi...

CVE-2025-53493

creationtimestamp| type| source ---|---|--- 2025-07-02 17:49:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsyrkl4e662p...