Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the erspan driver's incorrect use of skbmacheader in ndostartxmit, which could lead to memory access errors...

Linux Distros Unpatched Vulnerability : CVE-2022-29181

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type- check all inputs into the XML and HTML4 SAX parsers,...

Out-of-bounds Read

libpoppler.so is vulnerable to Out-of-bounds Read. The vulnerability is due to improper handling of bitmap combinations within the JBIG2Bitmap::combine function in JBIG2Stream.cc, leading to potential memory access errors...

PT-2026-26113

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue related to exception handling within the LoongArch BPF JIT compiler. Specifically, the kernel did not proactively call the common fixup routine to...

The vulnerability of the Cisco Application Policy Infrastructure Controller, related to access control errors, allows a perpetrator to execute arbitrary code and elevate their privileges to the root level.

The vulnerability of the Cisco Application Policy Infrastructure Controller relates to access control errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and elevate their privileges to the root level...

CVE-2024-44989

In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer dereference We shouldn't set realdev to NULL because packets can be in transit and xfrm might call xdodevoffloadok in parallel. All callbacks assume realdev is set. Example trace: kernel: BU...

SUSE CVE-2024-45620

A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accesse...

DEBIAN-CVE-2024-26762

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Skip to handle RAS errors if CXL.mem device is detached The PCI AER model is an awkward fit for CXL error handling. While the expectation is that a PCI device can escalate to link reset to recover from an AER event, the...

CVE-2024-26730

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct6775 Fix access to temperature configuration registers The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASA...

CVE-2024-26730

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct6775 Fix access to temperature configuration registers The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASA...

CVE-2024-26730

The CVE-2024-26730 entry concerns the Linux kernel hwmon/nct6775 driver. The vulnerability arises from a mismatch between the number of temperature configuration registers and the total temperature registers, which can trigger out-of-bounds access (KASAN) in nct6775_probe/nct6775_core. The issue ...

CVE-2024-26730 hwmon: (nct6775) Fix access to temperature configuration registers

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct6775 Fix access to temperature configuration registers The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASA...

CVE-2024-26730 hwmon: (nct6775) Fix access to temperature configuration registers

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct6775 Fix access to temperature configuration registers The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASA...

Important: byacc

Issue Overview: When processing files, malloc stores the data of the current line. When processing comments, malloc incorrectly accesses the released memory use after free. CVE-2021-33641 When a file is processed, an infinite loop occurs in nextinline of the morecurly function. CVE-2021-33642...

SUSE CVE-2006-3587

Unspecified vulnerability in Adobe Macromedia Flash Player 8.0.24.0 allows remote attackers to execute arbitrary commands via a malformed .swf file that results in "multiple improper memory access" errors...

SAMSUNG Mobile devices 缓冲区错误漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, and more, from South Korea's Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Jan-2023 Release 1 and earlier, which stems from an out-of-bounds read vulnerability in the...

The vulnerability of the njs_scope_valid_value function (njs_scope.h) in the NJS interpreter of the nginx server allows a attacker to cause a service failure.

The vulnerability of the njsscopevalidvalue function in the njs interpreter of the nginx server is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

Stack overflow

A stack-based buffer overflow vulnerability was found on Western Digital My Cloud Home, My Cloud Home Duo, and SanDisk ibi that could allow an attacker accessing the system locally to read information from /etc/version file. This vulnerability can only be exploited by chaining it with another...

GLSA-202208-29 : Nokogiri: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202208-29 Nokogiri: Multiple Vulnerabilities - Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version 1.11.0.rc4 there is an XXE vulnerability. XML Schema...

riscv-isa-sim 安全漏洞

riscv-isa-sim is a RISC-V ISA simulator. A security vulnerability exists in riscv-isa-sim that stems from an incorrect implementation of exception prioritization when accessing memory...