Aggregator

A vulnerability has been found in Availability Booking Calendar 5.0 and classified as problematic. Impacted is an unknown function. Performing a manipulation of the argument SMS API Key/Default Country Code results in basic cross site scripting. This vulnerability is identified as CVE-2023-48825. The attack can be initiated remotely. There is not any exploit available.

A vulnerability was found in BoidCMS 2.0.1. It has been rated as problematic. This impacts an unknown function. This manipulation of the argument title/subtitle/footer/keywords causes cross site scripting. This vulnerability is registered as CVE-2023-48824. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability described as critical has been identified in kkFileView 4.3.0. Impacted is an unknown function. Executing a manipulation can lead to improper access controls. This vulnerability is registered as CVE-2023-48815. The attack requires access to the local network. No exploit is available.

Currently trending CVE - Hype Score: 8 - Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Cybercrime group ShinyHunters leaked the full Odido dataset, the Netherlands is facing the biggest data leak in its history. Odido is a Dutch telecommunications company and one of the largest mobile network operators in the Netherlands. It was formed when T-Mobile Netherlands and Tele2 were rebranded as Odido in 2023 after private equity firms Apax Partners and Warburg Pincus […]

A vulnerability marked as critical has been reported in WP Mail Logging Plugin up to 1.15.0 on WordPress. The affected element is the function maybe_unserialize of the component Log Message Handler. The manipulation leads to deserialization. This vulnerability is listed as CVE-2026-2471. The attack may be initiated remotely. There is no available exploit.

A vulnerability described as critical has been identified in Tutor LMS Plugin up to 3.9.4/3.9.6 on WordPress. The impacted element is an unknown function. The manipulation of the argument coupon_code results in sql injection. This vulnerability is cataloged as CVE-2025-13673. The attack may be launched remotely. There is no exploit available.

OpenSSF и участники экосистем обсуждают обязательные взносы для компаний, которые используют open source-инфраструктуру в промышленных масштабах.

A vulnerability was found in Linux Kernel up to 6.0.6. It has been classified as critical. This affects the function nsim_drv_probe of the component netdevsim. This manipulation causes memory leak. This vulnerability is registered as CVE-2022-50500. The attack requires access to the local network. No exploit is available. Upgrading the affected component is recommended.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.1. This affects the function binfmt_misc. The manipulation results in out-of-bounds read. This vulnerability is identified as CVE-2022-50497. The attack can only be performed from the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.74/5.19.16/6.0.2. It has been classified as critical. This vulnerability affects the function rtnl_lock of the file net/core/dev.c of the component eth. The manipulation leads to reachable assertion. This vulnerability is listed as CVE-2022-50498. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is recommended.

This issue was flagged as a false-positive. Please consult the sources mentioned and consider not using this entry at all.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.0.2. Affected by this vulnerability is the function get_cpu of the component thermal. Such manipulation leads to injection. This vulnerability is referenced as CVE-2022-50494. The attack needs to be initiated within the local network. No exploit is available. You should upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 5.10.153/5.15.76/6.0.6. This issue affects the function cti_disable_hw. Such manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2022-50491. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is recommended.

A vulnerability classified as critical was found in Linux Kernel up to 6.0.6. This impacts an unknown function. The manipulation results in use after free. This vulnerability was named CVE-2022-50492. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is advised.