ROOT-OS-UBUNTU-2404-CVE-2025-38334 CVE-2025-38334 in rootio-linux - Patched by Root

Root has patched CVE-2025-38334 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

CLSA-2026-1777446167 pixman: Fix of CVE-2022-44638

CVE-2022-44638: Integer overflow in pixmansamplefloory leading to heap out-of-bounds write in rasterizeedges8...

UBUNTU-CVE-2026-23309

In the Linux kernel, the following vulnerability has been resolved: tracing: Add NULL pointer check to triggerdatafree If triggerdataalloc fails and returns NULL, eventhisttriggerparse jumps to the outfree error path. While kfree safely handles a NULL pointer, triggerdatafree does not. This cause...

langextract-poc

LangExtract POC - Arquitectura Hexagonal Sistema de extracció...

Comparison of Security Mechanisms of Mathematical Cipher, Wyner Scheme, QKD, and Quantum Stream Cipher

A new generation of global communications technology has been emerging. These systems, which utilize established device technologies and quantum effect devices, require ultra-high speeds, low cost, and strong security. In recent years, global communication systems have faced various practical...

CVE-2020-37081

Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calendar.php that allow attackers to inject malicious SQL commands. Attackers can exploit vulnerable parameters like uid, pid, type, m, y, and code to compromise the database manageme...

CVE-2025-13175

Y Soft SafeQ 6 renders the Workflow Connector password field in a way that allows an administrator with UI access to reveal the value using browser developer/inspection tools. The affected customers are only those with a password-protected scan workflow connector. This issue affects Y Soft SafeQ ...

CVE-2025-13175

Y Soft SafeQ 6 renders the Workflow Connector password field in a way that allows an administrator with UI access to reveal the value using browser developer/inspection tools. The affected customers are only those with a password-protected scan workflow connector. This issue affects Y Soft SafeQ ...

CVE-2025-13175

CVE-2025-13175 affects Y Soft SafeQ 6; the issue is the Workflow Connector password field being rendered insecurely, allowing an administrator with UI access to reveal the password via browser developer/inspection tools. Affected versions are before MU106. The impact is exposure of the password f...

Y Soft SafeQ 安全漏洞

Y Soft SafeQ is a print management software from the Czech company Y Soft. A security vulnerability exists in versions prior to Y Soft SafeQ 6 MU106, which stems from the presentation of the Workflow Connector password field in a way that allows administrators with UI access to view the password...

CVE-2022-23862

A Local Privilege Escalation issue was discovered in Y Soft SAFEQ 6 Build 53. The SafeQ JMX service running on port 9696 is vulnerable to JMX MLet attacks. Because the service did not enforce authentication and was running under the "NT Authority\System" user, an attacker is able to use the...

CVE-2022-23861

Multiple Stored Cross-Site Scripting vulnerabilities were discovered in Y Soft SAFEQ 6 Build 53. Multiple fields in the YSoft SafeQ web application can be used to inject malicious inputs that, due to a lack of output sanitization, result in the execution of arbitrary JS code. These fields can be...

Linux Distros Unpatched Vulnerability : CVE-2023-54181

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix issue in verifying allowptrleaks After we converted the capabilities of our networking-bpf program from capsysadmin to capnetadmin+capbpf, our...

CVE-2025-14856

A security vulnerability has been detected in yproject RuoYi up to 4.8.1. The affected element is an unknown function of the file /monitor/cache/getnames. Such manipulation of the argument fragment leads to code injection. The attack can be executed remotely. The exploit has been disclosed public...

CVE-2025-14856 y_project RuoYi getnames code injection

A security vulnerability has been detected in yproject RuoYi up to 4.8.1. The affected element is an unknown function of the file /monitor/cache/getnames. Such manipulation of the argument fragment leads to code injection. The attack can be executed remotely. The exploit has been disclosed public...

CVE-2025-14856

The CVE-2025-14856 entry concerns y_project RuoYi up to version 4.8.1. The vulnerability is due to manipulation of the fragment argument in the file /monitor/cache/getnames, which can lead to code injection. A remote attacker can exploit this, and public exploit information has been disclosed. Af...

USN-7938-1 linux-azure-5.15 vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

CVE-2025-12590 YSlider <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The YSlider plugin for WordPress is vulnerable to Cross-Site Request Forgery to Stored Cross-Site Scripting in all versions up to, and including, 1.1. This is due to missing nonce verification on the content configuration page and insufficient input sanitization and output escaping. This makes it...

Malicious code in hushed_flyingfish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77f16155670228ee2982b35f397fe28ff7787aa497eaf18378c115e5cc428689 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Security-Robustness Trade-Offs in Diffusion Steganography: A Comparative Analysis of Pixel-Space and VAE-Based Architectures

Current generative steganography research mainly pursues computationally expensive mappings to perfect Gaussian priors within single diffusion model architectures. This work introduces an efficient framework based on approximate Gaussian mapping governed by a scale factor calibrated through...