580 matches found
Payload 授权问题漏洞
Payload is a Headless CMS and application framework built using TypeScript, Node.js, React, and MongoDB. Payload suffers from an authorization issue vulnerability that stems from SQLite adapters reusing identifiers during account creation, which could lead to a session fixation attack...
Linux Distros Unpatched Vulnerability : CVE-2021-22880
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service REDoS vulnerability. Carefully...
CVE-2025-54793
Astro is a web framework for content-driven websites. In versions 5.2.0 through 5.12.7, there is an Open Redirect vulnerability in the trailing slash redirection logic when handling paths with double slashes. This allows an attacker to redirect users to arbitrary external domains by crafting URLs...
CVE-2025-54793 Astro: Duplicate trailing slash feature can lead to Open Redirects
Astro is a web framework for content-driven websites. In versions 5.2.0 through 5.12.7, there is an Open Redirect vulnerability in the trailing slash redirection logic when handling paths with double slashes. This allows an attacker to redirect users to arbitrary external domains by crafting URLs...
CVE-2025-54793
Summary: CVE-2025-54793 affects Astro web framework. Versions 5.2.0 through 5.12.7 have an Open Redirect in the trailing slash redirection logic when handling paths with double slashes, enabling a user to be redirected to an external domain via crafted URLs (e.g., https://example.com//malicious-s...
Differentially Private Federated Low Rank Adaptation beyond Fixed-Matrix
Large language models LLMs typically require fine-tuning for domain-specific tasks, and LoRA offers a computationally efficient approach by training low-rank adapters. LoRA is also communication-efficient for federated LLMs when multiple users collaboratively fine-tune a global LLM model without...
The vulnerability of the ngene_command_config_free_buf() function in the driver drivers/media/pci/ngene/ngene-core.c file of Micronas PCI Express card adapters in Linux operating systems allows a hacker to cause a service failure.
The vulnerability of the ngenecommandconfigfreebuf function in the drivers/media/pci/ngene/ngene-core.c file of Micronas PCI Express card adapters related to Linux operating systems involves reading beyond the buffer’s boundaries. Exploiting this vulnerability can allow an attacker to cause a...
The vulnerability of the smsc75xx_bind() function in the drivers/net/usb/smsc75xx.c file allows a hacker to cause a service failure. This vulnerability relates to Linux kernel-based USB network adapters.
The vulnerability of the smsc75xxbind function in the drivers/net/usb/smsc75xx.c file, which is related to Linux kernel USB network adapters, stems from the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2021-33162
Improper access control in some IntelR Ethernet Adapters and IntelR Ethernet Controller I225 Manageability firmware may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2020-27220
The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & control messages when it has subscribed only to commands for a specific device. The missing check involves verifying that the command target device is configure...
CVE-2019-0159
Insufficient memory protection in the Linux Administrative Tools for IntelR Network Adapters before version 24.3 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2025-20104
Race condition in some Administrative Tools for some IntelR Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access...
Malicious code in defipulse-adapters (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 14d5536c5f6bcb7069516bd2682ee50724915e891c5f1aa5c68ef38d32f9e2d3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3826 Malicious code in defipulse-adapters (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 14d5536c5f6bcb7069516bd2682ee50724915e891c5f1aa5c68ef38d32f9e2d3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
AC-LoRA: (Almost) Training-Free Access Control-Aware Multi-Modal LLMs
Corporate LLMs are gaining traction for efficient knowledge dissemination and management within organizations. However, as current LLMs are vulnerable to leaking sensitive information, it has proven difficult to apply them in settings where strict access control is necessary. To this end, we desi...
CVE-2025-20104
Race condition in some Administrative Tools for some IntelR Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2025-20104
CVE-2025-20104 describes a race condition in Intel Network Adapters software, specifically affecting Intel Network Adapters package and Administrative Tools for Intel Network Adapters before version 29.4. The underlying issue allows an authenticated local user to potentially escalate privileges. ...
CVE-2025-20104
Race condition in some Administrative Tools for some IntelR Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2025-20104
Race condition in some Administrative Tools for some IntelR Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access...
Intel Network Adapters 代码问题漏洞
Intel Network Adapters is a family of adapters from Intel Corporation USA. A code issue vulnerability exists in Intel Network Adapters versions prior to 11 29.4, which stems from insufficient search path control and could lead to elevation of privilege...