1041 matches found
CVE-2025-38201
CVE-2025-38201 affects the Linux kernel netfilter nft_set_pipapo. The issue arises when resizing hashtables in netfilter, where WARN_ON_ONCE can trigger if GFP flags allow high bucket counts; the fix clamps the maximum map bucket size to INT_MAX. The vulnerability is described as local-attack-vec...
CVE-2025-38201 netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX Otherwise, it is possible to hit WARNONONCE in kvmallocnodenoprof when resizing hashtable because GFPNOWARN is unset. Similar to: b541ba7d1f5a "netfilter: conntrack...
CVE-2025-34064
OneLogin AD Connector is affected by a cloud infrastructure misconfiguration that sends log data to a hardcoded S3 bucket (onelogin-adc-logs-production) without validating bucket ownership. An attacker who registers an unclaimed bucket can receive log files from other tenants, potentially exposin...
PT-2025-27552 · Onelogin · Onelogin Ad Connector
Name of the Vulnerable Software and Affected Versions: OneLogin AD Connector affected versions not specified Description: A cloud infrastructure misconfiguration in OneLogin AD Connector results in log data being sent to a hardcoded S3 bucket onelogin-adc-logs-production without validating bucket...
SUSE CVE-2025-38039
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid WARNON when configuring MQPRIO with HTB offload enabled When attempting to enable MQPRIO while HTB offload is already configured, the driver currently returns -EINVAL and triggers a WARNON, leading to an...
DEBIAN-CVE-2025-38039
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid WARNON when configuring MQPRIO with HTB offload enabled When attempting to enable MQPRIO while HTB offload is already configured, the driver currently returns -EINVAL and triggers a WARNON, leading to an...
UBUNTU-CVE-2025-38039
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid WARNON when configuring MQPRIO with HTB offload enabled When attempting to enable MQPRIO while HTB offload is already configured, the driver currently returns -EINVAL and triggers a WARNON, leading to an...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the net/mlx5e driver not properly handling HTB offload cases when configuring MQPRIO, resulting in an unwant...
@nx/azure-cache Vulnerable to Build Cache Poisoning via Untrusted Pull Requests
A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache such as those using Amazon S3, Google Cloud Storage, or similar object storage that allows any contributor with pull request privileges to inject compromised artifacts...
GHSA-RRR2-JCR8-7Q3X @nx/azure-cache Vulnerable to Build Cache Poisoning via Untrusted Pull Requests
A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache such as those using Amazon S3, Google Cloud Storage, or similar object storage that allows any contributor with pull request privileges to inject compromised artifacts...
Nx 安全漏洞
Nx is an application from Nx, Inc. A security vulnerability exists in Nx that stems from a design flaw in the bucket-based remote cache that could lead to the injection of compromised artifacts into a trusted production environment...
CVE-2024-51908
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kevinabl Adventure Bucket List adventure-bucket-list allows DOM-Based XSS.This issue affects Adventure Bucket List: from n/a through = 1.0.9...
CVE-2023-28433
Minio is a Multi-Cloud Object Storage framework. All users on Windows prior to version RELEASE.2023-03-20T20-16-18Z are impacted. MinIO fails to filter the \ character, which allows for arbitrary object placement across buckets. As a result, a user with low privileges, such as an access key,...
CVE-2023-28434
Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing PostPolicyBucket. To carry out this attack, the attacker requires credentials wit...
CVE-2023-6017
H2O included a reference to an S3 bucket that no longer existed allowing an attacker to take over the S3 bucket URL...
CVE-2022-36022
Deeplearning4J is a suite of tools for deploying and training deep learning models using the JVM. Packages org.deeplearning4j:dl4j-examples and org.deeplearning4j:platform-tests through version 1.0.0-M2.1 may use some unclaimed S3 buckets in tests in examples. This is likely affect people who use...
CVE-2022-22997
Addressed a remote code execution vulnerability by resolving a command injection vulnerability and closing an AWS S3 bucket that potentially allowed an attacker to execute unsigned code on My Cloud Home devices...
CVE-2022-32558
An issue was discovered in Couchbase Server before 7.0.4. Sample bucket loading may leak internal user passwords during a failure...
CVE-2021-43963
An issue was discovered in Couchbase Sync Gateway 2.7.0 through 2.8.2. The bucket credentials used to read and write data in Couchbase Server were insecurely being stored in the metadata within sync documents written to the bucket. Users with read access could use these credentials to obtain writ...
SUSE CVE-2025-37953
In the Linux kernel, the following vulnerability has been resolved: schhtb: make htbdeactivate idempotent Alan reported a NULL pointer dereference in htbnextrbnode after we made htbqlennotify idempotent. It turns out in the following case it introduced some regression: htbdequeuetree: |-...