Infinite loop

Overview Microsoft.AspNetCore.App.Runtime.linux-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Infinite loop in the FormDataReader.ProcessFormKeys...

Microsoft Office ClickToRun 访问控制错误漏洞

Microsoft Office ClickToRun is a component developed by Microsoft that allows for the download and installation of Microsoft Office products. There is an access control error vulnerability present in Microsoft Office ClickToRun. Attackers can exploit this vulnerability to gain higher privileges...

SUSE CVE-2026-43224

In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix sgtable leak on mapping failures In an unlikely case when iopopulateareadma fails, which could only happen on a PAGEPOOL32BITARCHWITH64BITDMA machine, iozcrxmaparea will have an initialised and not freed table. ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: gpio: loongson-64bit: Fixed an incorrect NULL check after devmkcalloc Fixed an incorrect NULL check in loongsongpioinitirqchip. The function checks chip-parent instead of chip-irq.parents...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: wwan: t7xx: Fixed 64-bit access splitting to resolve alignment issues. Some registers are aligned at a 32-bit boundary, causing alignment errors on 64-bit platforms. Unable to handle kernel paging requests at the virtual...

CVE-2025-15610

The .NET Remoting framework used by OpenText Fax RightFax includes known security vulnerabilities that could be exploited if the service is exposed in environments where the remoting ports are accessible...

CVE-2026-35199 SymCrypt SymCryptXmssSign function - Heap overflow via 64->32-bit leaf-count truncation

SymCrypt is the core cryptographic function library currently used by Windows. From 103.5.0 to before 103.11.0, The SymCryptXmssSign function passes a 64-bit leaf count value to a helper function that accepts a 32-bit parameter. For XMSS^MT parameter sets with total tree height = 32 which include...

CVE-2026-23218

In the Linux kernel, the following vulnerability has been resolved: gpio: loongson-64bit: Fix incorrect NULL check after devmkcalloc Fix incorrect NULL check in loongsongpioinitirqchip. The function checks chip-parent instead of chip-irq.parents...

UBUNTU-CVE-2026-23218

In the Linux kernel, the following vulnerability has been resolved: gpio: loongson-64bit: Fix incorrect NULL check after devmkcalloc Fix incorrect NULL check in loongsongpioinitirqchip. The function checks chip-parent instead of chip-irq.parents...

CVE-2026-23218

In the Linux kernel, the following vulnerability has been resolved: gpio: loongson-64bit: Fix incorrect NULL check after devmkcalloc Fix incorrect NULL check in loongsongpioinitirqchip. The function checks chip-parent instead of chip-irq.parents...

Microsoft Excel 安全漏洞

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel due to an untrusted pointer dereference flaw. An attacker could exploit the vulnerability to execute arbitrary code on the system...

EUVD-2022-55698

In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix pciendpointtestcopy,write,read panic The dmamapsingle doesn't permit zero length mapping. It causes a follow panic. A panic was reported on arm64: 60.137988 ------------ cut here ------------ 60.142630...

binary-exploitation-playground

Binary Exploitation Playground 🚩 Repository ini berisi kumpul...

CVE-2025-12382

Improper Limitation of a Pathname 'Path Traversal' vulnerability in Algosec Firewall Analyzer on Linux, 64 bit allows an authenticated user to upload files to a restricted directory leading to code injection. This issue affects Algosec Firewall Analyzer: A33.0 up to build 320, A33.10 up to build...

CVE-2025-12382

Improper Limitation of a Pathname 'Path Traversal' vulnerability in Algosec Firewall Analyzer on Linux, 64 bit allows an authenticated user to upload files to a restricted directory leading to code injection. This issue affects Algosec Firewall Analyzer: A33.0 up to build 320, A33.10 up to build...

FreeBSD Security Advisory - FreeBSD-SA-25:08.openssl

FreeBSD Security Advisory - FreeBSD includes software from the OpenSSL Project. OpenSSL suffers from some new vulnerabilities. An application trying to decrypt cryptographic message syntax CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. A timing...

Microsoft Word 安全漏洞

Microsoft Word is a word processing software in the Office suite of Microsoft Corporation USA. A security vulnerability exists in Microsoft Word. An attacker exploiting this vulnerability could gain access to sensitive information. The following products and editions are affected:Microsoft...

Linux Distros Unpatched Vulnerability : CVE-2024-42066

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix potential integer overflow in page size calculation Explicitly cast...

PT-2025-36333

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 14.8.2 Description ImageMagick is free and open-source software used for editing and manipulating digital images. The software includes insecure functions: SeekBlob, which allows advancing the stream offset beyond...

Linux Distros Unpatched Vulnerability : CVE-2025-8027

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire 64 bits. This...