7652 matches found
Public API without sufficient bounds checking
Match::get and Match::ptr lack sufficient bounds checks, leading to potential out of bounds reads...
Unspecified Vulnerability in SAP S/4HANA (CNVD-2025-08314)
SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system from SAP, Germany. A security vulnerability exists in SAP S/4HANA that stems from a lack of authorization checking, which could be exploited by an attacker to gain unauthorized access to...
Unspecified vulnerability in Lunary (CNVD-2025-06936)
Lunary is Lunary open source a production toolkit for LLM . Lunary afc5df4 version of a security vulnerability , the vulnerability stems from a flaw in the permission checking mechanism , an attacker can use this vulnerability to cause unauthorized access to sensitive endpoints...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the can isotp component splitting the tx timer into two functions, transmission and timeout, fixing a...
Security Bulletin: Urbancode Deploy is vulnerable to incorrect authorization reading Component Processes ( CVE-2022-35716 )
Summary Component process security checks can sometimes grant read-level access to users that do not have access if the process is owned by a Component Template and an endpoint performs multiple validations. Vulnerability Details CVEID:CVE-2022-35716 DESCRIPTION: IBM UrbanCode Deploy UCD could...
Vercel Next.js Privilege Bypass Vulnerability
Next.js is Vercel open source a React framework. Vercel Next.js suffers from a privilege bypass vulnerability that stems from the fact that if authorization checking occurs in middleware, an attacker can use the vulnerability to bypass authorization checking...
Exploit for Stack-based Buffer Overflow in Dlink Dap-1620_Firmware
CVE-2025-2620 Proof-of-Concept Exploit Overview This repos...
Lunary 安全漏洞
Lunary is Lunary open source a production toolkit for LLM . Lunary afc5df4 version of a security vulnerability , the vulnerability stems from a flaw in the permission checking mechanism , an attacker can use this vulnerability to cause unauthorized access to sensitive endpoints...
CVE-2025-2401 Buffer overflow in Immunity Debugger
Buffer overflow vulnerability in Immunity Debugger affecting version 1.85, its exploitation could allow a local attacker to execute arbitrary code, due to the lack of proper boundary checking...
Xorg: xwayland: Buffer overflow in XkbVModMaskText()
A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size...
Xorg: xwayland: Buffer overflow in XkbVModMaskText()
A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size...
Xorg: xwayland: Buffer overflow in XkbVModMaskText()
A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size...
Xorg: xwayland: Buffer overflow in XkbVModMaskText()
A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size...
Zoom Workplace Apps Heap Buffer Overflow Vulnerability
Zoom Workplace Apps is an enterprise-grade collaboration platform that combines video conferencing, team collaboration, AI assistance, and other features for hybrid office scenarios. Zoom Workplace Apps suffers from a heap buffer overflow vulnerability that stems from the program not properly...
CVE-2025-1057
A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas...
CVE-2025-1057
A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas...
CVE-2025-1057
CVE-2025-1057 affects Keylime (registrar) where a change in database type handling introduced in version 7.12.0 prevents reading prior-version entries (e.g., 7.11.0) because older data is stored as bytes while the registrar now expects strings. This mismatch can trigger an error/exceptions during...
Keylime 代码问题漏洞
Keylime is an open source extensible trust system utilizing TPM technology from Keylime Open Source. A code issue vulnerability exists in Keylime version 7.12.0 that stems from strict type checking and could lead to proxy registration failure...
NFC: nci: Add bounds checking in nci_hci_create_pipe()
...
gve: guard XSK operations on the existence of queues
...