Lucene search

7648 matches found

RedhatCVE
added 2025/05/21 8:7 p.m. · 8 views

CVE-2006-6014

The NetBSD-current kernel before 20061028 does not properly perform bounds checking of an unspecified userspace parameter in the ptrace system call during a PTDUMPCORE request, which allows local users to have an unknown impact...

7.2 CVSS · 6.5 AI score · 0.00324 EPSS
Exploits 0 · References 1
Packet Storm News
added 2025/05/21 12:0 a.m. · 4 views

Model Checking the Security of the Lightning Network

Payment channel networks are an approach to improve the scalability of blockchain-based cryptocurrencies. The Lightning Network is a payment channel network built for Bitcoin that is already used in practice. Because the Lightning Network is used for transfer of financial value, its security in t...

6.6 AI score
Exploits 0
CNNVD
added 2025/05/21 12:0 a.m. · 3 views

FreeFloat FTP Server security vulnerability

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server due to incorrect boundary checking in the APPEND component command handler. No detailed vulnerability details are provided at this time...

9.8 CVSS · 7.3 AI score · 0.00596 EPSS
Exploits 1 · References 4
CNNVD
added 2025/05/21 12:0 a.m. · 2 views

FreeFloat FTP Server security vulnerability

FreeFloat FTP Server is a FTP Server software developed by FreeFloat Inc. FreeFloat FTP Server suffers from a BINARY command buffer overflow vulnerability. The vulnerability is caused due to incorrect boundary checking in the component BINARY command handler, and no detailed vulnerability details...

9.8 CVSS · 7.3 AI score · 0.00588 EPSS
Exploits 1 · References 4
OSV
added 2025/05/20 3:34 p.m. · 12 views

CVE-2025-37938 tracing: Verify event formats that have "%*p.."

In the Linux kernel, the following vulnerability has been resolved: tracing: Verify event formats that have "%*p.." The trace event verifier checks the formats of trace events to make sure that they do not point at memory that is not in the trace event itself or in data that will never be freed. I...

5.5 CVSS · 6.4 AI score · 0.0016 EPSS
Exploits 0 · References 10
Veracode
added 2025/05/20 12:23 p.m. · 9 views

Buffer Overflow

libavif is vulnerable to Buffer Overflow. The vulnerability is due to integer overflow due to improper bounds checking when calculating stream-offset + size in makeRoom in stream.c, which can lead to a buffer overflow...

9.1 CVSS · 7.5 AI score · 0.00299 EPSS
Exploits 0 · References 6 · Affected Software 1
BDU FSTEC
added 2025/05/20 12:0 a.m. · 6 views

The vulnerability of the DIWEB virtual machine Dionis-NX allows a hacker to elevate their privileges to the root level and execute arbitrary code.

The vulnerability of the DIWEB virtual machine Dionis-NX relates to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to elevate their privileges to root level and execute arbitrary code by introducing special characters...

10 CVSS · 5.9 AI score
Exploits 0
BDU FSTEC
added 2025/05/20 12:0 a.m. · 18 views

The vulnerability of the DIWEB virtual machine on the Dionis-NX system allows a hacker to elevate their privileges to the root level.

The vulnerability of the DIWEB virtual machine Dionis-NX relates to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to elevate their privileges to root level by executing a specially crafted command from an SSH client...

9 CVSS · 5.5 AI score
Exploits 0
RedHat Linux
added 2025/05/19 6:36 a.m. · 25 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.8 CVSS · 7.1 AI score · 0.00824 EPSS
Exploits 3 · References 4
Positive Technologies
added 2025/05/19 12:0 a.m. · 3 views

PT-2025-35952

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The event seq changed handler in the Linux kernel does not validate the payload size against the message length, potentially leading to out-of-bounds memory access if the firmware provid...

7.1 CVSS · 7 AI score · 0.00149 EPSS
Exploits 0
OSV
added 2025/05/19 12:0 a.m. · 17 views

ALSA-2025:7903 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vsock: Keep the binding until socket destruction CVE-2025-21756 kernel: dm-flakey: Fix memory corruption in optional corruptbiobyte feature CVE-2025-21966 kernel: net: ppp: Add bound...

7.8 CVSS · 7.2 AI score · 0.00824 EPSS
Exploits 3 · References 8
RedhatCVE
added 2025/05/18 3:2 p.m. · 7 views

CVE-2025-47793

Nextcloud Server is a self hosted personal cloud system, and the Nextcloud Groupfolders app provides admin-configured folders shared by everyone in a group or team. In Nextcloud Server prior to 30.0.2, 29.0.9, and 28.0.1, Nextcloud Enterprise Server prior to 30.0.2 and 29.0.9, and Nextcloud...

6.5 CVSS · 6.8 AI score · 0.00662 EPSS
Exploits 0 · References 1
NVD
added 2025/05/16 3:15 p.m. · 8 views

CVE-2025-47793

Nextcloud Server is a self hosted personal cloud system, and the Nextcloud Groupfolders app provides admin-configured folders shared by everyone in a group or team. In Nextcloud Server prior to 30.0.2, 29.0.9, and 28.0.1, Nextcloud Enterprise Server prior to 30.0.2 and 29.0.9, and Nextcloud...

6.5 CVSS · 0.00662 EPSS
Exploits 0 · References 4
OSV
added 2025/05/16 1:24 p.m. · 5 views

OESA-2025-1511 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix a flaw in existing endpoint checks Syzbot once again identified a flaw in usb endpoint checking, see 1. This time the issue stems from a...

7.1 CVSS · 6.4 AI score · 0.00215 EPSS
Exploits 0 · References 9
Positive Technologies
added 2025/05/16 12:0 a.m. · 4 views

PT-2025-21661 · Nextcloud +1 · Nextcloud Enterprise Server +3

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 30.0.2 Nextcloud Server versions prior to 29.0.9 Nextcloud Server versions prior to 28.0.1 Nextcloud Enterprise Server versions prior to 30.0.2 Nextcloud Enterprise Server versions prior to 29.0.9 Nextcloud...

4.3 CVSS · 6.3 AI score · 0.00662 EPSS
Exploits 0 · References 12
OSV
added 2025/05/15 8:0 p.m. · 11 views

GO-2025-3678 Ring: some aes functions may panic when overflow checking is enabled in ring in github.com/briansmith/ring

Ring: some aes functions may panic when overflow checking is enabled in ring in github.com/briansmith/ring...

5.3 CVSS · 6.9 AI score · 0.00825 EPSS
Exploits 0 · References 8
OSV
added 2025/05/14 10:59 p.m. · 10 views

CVE-2025-46836 net-tools Stack-based Buffer Overflow vulnerability

net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. In versions up to and including 2.10, the Linux network utilities like ifconfig from the net-tools package do not properly validate the structure of /proc files when...

6.6 CVSS · 7.2 AI score · 0.00158 EPSS
Exploits 0 · References 5
RedhatCVE
added 2025/05/14 10:27 p.m. · 8 views

CVE-2025-31209

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. Parsing a file may lead to disclosure of user information...

6.3 CVSS · 5.8 AI score · 0.00654 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/05/14 6:12 a.m. · 12 views

CVE-2025-3649

The LightPress Lightbox WordPress plugin before 2.3.4 does not check download links point to valid, non-Javascript URLs, allowing users with at least the contributor role to conduct Stored XSS attacks...

6.8 CVSS · 5.8 AI score · 0.00372 EPSS
Exploits 1 · References 1
CNNVD
added 2025/05/14 12:0 a.m. · 3 views

SAMSUNG Exynos security vulnerability

SAMSUNG Exynos is a series of SoC, Arm architecture-based processors developed and manufactured by Samsung Mobile, a South Korean company. A security vulnerability exists in SAMSUNG Exynos that stems from a lack of length checking leading to out-of-bounds access...

6.5 CVSS · 6.5 AI score · 0.00226 EPSS
Exploits 0 · References 4