Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a lack of proper checking in DML21, which could lead to false warnings...

Security Bulletin:IBM MQ is vulnerable to a buffer overflow issue (CVE-2024-25048)

Summary An issue was identified with IBM MQ when a client sends a malformed xarecover request. This can result in a memory overwrite or buffer overflow within the queue manager. Vulnerability Details CVEID:CVE-2024-25048 DESCRIPTION: IBM MQ Appliance 9.3 CD and LTS are vulnerable to a heap-based...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A type confusion vulnerability exists in Google Chrome V8. The vulnerability is caused due to the V8 engine improperly handling bounds checking and type conversion for certain data types when executing JavaScript code, resulting in...

Moodle 安全漏洞

Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from a security vulnerability that stems from insufficient checking of state and permission capabilities...

WordPress plugin VG WORT METIS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

D-Link DIR-619L 安全漏洞

The D-Link DIR-619L is a wireless router from China-based AUO D-Link. A stack buffer overflow vulnerability exists in the D-Link DIR-619L /formAutoDetecWANwizard4 file due to incorrect boundary checking in the function formAutoDetecWANwizard4 of the file /goform/formAutoDetecWANwizard4 caused. An...

D-Link DIR-619L 安全漏洞

The D-Link DIR-619L is a wireless router from China's AUO D-Link. A stack buffer overflow vulnerability exists in the D-Link DIR-619L /formAdvanceSetup file, which is caused by improper boundary checking. An attacker could exploit this vulnerability to cause a buffer overflow, execute arbitrary...

The vulnerability of the soup_uri_decode_data_uri() function in the GNOME graphical interface library libsoup allows a attacker to cause a service failure.

The vulnerability of the soupuridecodedatauri function in the libsoup library, a GNOME graphical interface library, is related to insufficient checking of exceptional states. Exploiting this vulnerability could allow an attacker to cause a service failure by sending a specially crafted POST reque...

SUSE CVE-2022-49985

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-bounds in...

CVE-2022-49985

The CVE-2022-49985 entry concerns the Linux kernel, where the BPF component allowed a range check descriptor to misrepresent a tight range because tnum_range(0, map->max_entries-1) may yield a superset of the intended values. The root cause is that the tnum-based range representation can erron...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of bounds checking, which could lead to out-of-bounds memory access...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of bounds checking and could lead to a buffer overflow...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from insufficient parameter checking in the i740calcvclk function, which could lead to a divide-by-zero error...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14364)

FreeFloat FTP Server is an FTP service from FreeFloat. FreeFloat FTP Server suffers from a buffer overflow vulnerability that is caused by incorrect boundary checking in the MDIR component command handler. No detailed vulnerability details are provided at this time...

Microsoft Word Code Execution Vulnerability (CNVD-2025-17472)

Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word, which is caused due to improper boundary checking. An attacker could exploit the vulnerability to execute arbitrary code on the system...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14363)

FreeFloat FTP Server is an FTP service from FreeFloat. FreeFloat FTP Server suffers from a buffer overflow vulnerability that is caused by incorrect boundary checking in the DEBUG component command handler. No detailed vulnerability details are provided at this time...

Microsoft Word 安全漏洞

Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word, which is caused due to improper boundary checking. An attacker could exploit the vulnerability to execute arbitrary code on the system...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14379)

FreeFloat FTP Server is a FTP Server software developed by FreeFloat Inc. FreeFloat FTP Server suffers from a BINARY command buffer overflow vulnerability. The vulnerability is caused due to incorrect boundary checking in the component BINARY command handler, and no detailed vulnerability details...

WordPress plugin Art Theme 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Incentivizing Collaborative Breach Detection

Decoy passwords, or "honeywords," alert a site to its breach if they are ever entered in a login attempt on that site. However, an attacker can identify a user-chosen password from among the decoys, without risk of alerting the site to its breach, by performing credential stuffing, i.e., entering...