1041 matches found
Google Gemini Enterprise 安全漏洞
Google Gemini Enterprise is a generative AI platform developed by Google, Inc. of the United States. There is a security vulnerability in Google Gemini Enterprise, which stems from the use of predictable Google Cloud Storage bucket names. This vulnerability may allow attackers to preemptively tak...
RustFS has SourceIp bypass via spoofed X-Forwarded-For/Real-IP headers
Summary IP-based access control can be bypassed: getconditionvalues trusts client-supplied X-Forwarded-For/X-Real-Ip without verifying a trusted proxy, so any reachable client can spoof aws:SourceIp and satisfy IP-allowlist policies. Details - Vulnerable code: rustfs/src/auth.rs:289-304 sets...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38637)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38637 advisory. - In the Linux kernel, the following vulnerability has been resolved: netsched: skbprio: Remove overly strict...
CVE-2023-45279
Yamcs 5.8.6 allows XSS issue 1 of 2. It comes with a Bucket as its primary storage mechanism. Buckets allow for the upload of any file. There's a way to upload a display referencing a malicious JavaScript file to the bucket. The user can then open the uploaded display by selecting Telemetry from...
CVE-2019-11496
In versions of Couchbase Server prior to 5.0, the bucket named "default" was a special bucket that allowed read and write access without authentication. As part of 5.0, the behavior of all buckets including "default" were changed to only allow access by authenticated users with sufficient...
CVE-2022-23509
Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. GitOps run has a local S3 bucket which it uses for synchronizing files that are later applied against a Kubernetes cluster. The communication between GitOps...
CVE-2025-14053 Travel Bucket List <= 0.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
The Wish To Go plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcode attributes in all versions up to, and including, 0.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...
CVE-2025-14053
The CVE-2025-14053 entry concerns Travel Bucket List – Wish To Go (WordPress plugin). It describes Stored Cross-Site Scripting via shortcode attributes in versions up to 0.5.2 due to insufficient input sanitization/output escaping. Exploitation requires authenticated access at Contributor level o...
WordPress Travel Bucket List plugin <= 0.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by ChamlaVic in WordPress Plugin Wish To Go versions = 0.5.2...
PT-2026-28522
Name of the Vulnerable Software and Affected Versions Incus versions prior to 6.23.0 Description Incus, a system container and virtual machine manager, contains a flaw where a specially crafted storage bucket backup can be used by a user with access to the storage bucket feature to crash the Incu...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993032)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993032 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992663)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992663 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio...
CVE-2023-54033
In the Linux kernel, the following vulnerability has been resolved: bpf: fix a memory leak in the LRU and LRUPERCPU hash maps The LRU and LRUPERCPU maps allocate a new element on update before locking the target hash table bucket. Right after that the maps try to lock the bucket. If this fails,...
SUSE CVE-2023-54033
In the Linux kernel, the following vulnerability has been resolved: bpf: fix a memory leak in the LRU and LRUPERCPU hash maps The LRU and LRUPERCPU maps allocate a new element on update before locking the target hash table bucket. Right after that the maps try to lock the bucket. If this fails,...
CVE-2023-54033
In the Linux kernel, the following vulnerability has been resolved: bpf: fix a memory leak in the LRU and LRUPERCPU hash maps The LRU and LRUPERCPU maps allocate a new element on update before locking the target hash table bucket. Right after that the maps try to lock the bucket. If this fails,...
CVE-2023-54033
In the Linux kernel, the following vulnerability has been resolved: bpf: fix a memory leak in the LRU and LRUPERCPU hash maps The LRU and LRUPERCPU maps allocate a new element on update before locking the target hash table bucket. Right after that the maps try to lock the bucket. If this fails,...
UBUNTU-CVE-2023-54033
In the Linux kernel, the following vulnerability has been resolved: bpf: fix a memory leak in the LRU and LRUPERCPU hash maps The LRU and LRUPERCPU maps allocate a new element on update before locking the target hash table bucket. Right after that the maps try to lock the bucket. If this fails,...
CVE-2023-54033
The CVE-2023-54033 issue affects the Linux kernel BPF maps, specifically the LRU and LRU_PERCPU hash maps. The vulnerability arises when updating these maps allocates a new element before attempting to lock the target bucket; if bucket locking fails, the allocated element is not released, making ...
CVE-2023-54033 bpf: fix a memory leak in the LRU and LRU_PERCPU hash maps
In the Linux kernel, the following vulnerability has been resolved: bpf: fix a memory leak in the LRU and LRUPERCPU hash maps The LRU and LRUPERCPU maps allocate a new element on update before locking the target hash table bucket. Right after that the maps try to lock the bucket. If this fails,...
CVE-2023-54033 bpf: fix a memory leak in the LRU and LRU_PERCPU hash maps
In the Linux kernel, the following vulnerability has been resolved: bpf: fix a memory leak in the LRU and LRUPERCPU hash maps The LRU and LRUPERCPU maps allocate a new element on update before locking the target hash table bucket. Right after that the maps try to lock the bucket. If this fails,...