7642 matches found

CNNVD
added 2025/10/31 12:0 a.m. | 5 views

Xen Security Vulnerability

Xen is an open source virtual machine monitor product from Xen Open Source. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. A security vulnerability exists in Xen that stems from a...

CVSS 7.5 | AI score 6.1 | EPSS 0.00317
Exploits: 0 | References: 2

NVD
added 2025/10/30 10:15 p.m. | 5 views

CVE-2022-50588

Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting (XSS) in the update checking feature. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

CVSS 5.4 | EPSS 0.00405
Exploits: 0 | References: 2

OSV
added 2025/10/30 10:15 p.m. | 2 views

CVE-2022-50588

Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting (XSS) in the update checking feature. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

CVSS 5.4 | AI score 5.9 | EPSS 0.00405
Exploits: 0 | References: 2

Vulnrichment
added 2025/10/30 9:45 p.m. | 3 views

CVE-2022-50588 Nagios XI < 5.8.9 Stored XSS in Update Checking

Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting (XSS) in the update checking feature. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

CVSS 5.1 | AI score 5.9 | EPSS 0.00405
Exploits: 0 | References: 2

Cvelist
added 2025/10/30 9:45 p.m. | 6 views

CVE-2022-50588 Nagios XI < 5.8.9 Stored XSS in Update Checking

Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting (XSS) in the update checking feature. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

CVSS 5.1 | EPSS 0.00405
Exploits: 0 | References: 2

CVE
added 2025/10/30 9:45 p.m. | 11 views

CVE-2022-50588

Nagios XI prior to version 5.8.9 is affected by a stored XSS flaw in the update-checking feature. The vulnerability stems from insufficient validation/escaping of user-supplied input, allowing an attacker to inject and execute arbitrary script in a victim’s browser. Public sources in the provided...

CVSS 5.4 | AI score 5.9 | EPSS 0.00405
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2025/10/30 6:0 p.m. | 5 views

CLSA-2025-1761847256 Fix CVE(s): CVE-2022-47673, CVE-2023-25584

SECURITY UPDATE: multiple vulnerabilities in vms-alpha.c parse_module - debian/patches/CVE-2022-47673CVE-2023-25584-.patch: fix null pointer dereference in parse_module by adding return value checking for bfd_zalloc calls, fix potential out of bounds memory access in DST record parsing loop -...

CVSS 7.8 | AI score 6.4 | EPSS 0.00434
Exploits: 1 | References: 1

RedhatCVE
added 2025/10/30 9:0 a.m. | 2 views

CVE-2025-10920

A remote code execution (RCE) vulnerability exists in GIMP due to improper bounds checking during the parsing of ICNS image files. When a user opens a specially crafted ICNS file, it can trigger an out-of-bounds write, allowing attackers to execute arbitrary code within the context of the GIMP...

CVSS 7.8 | AI score 7.9 | EPSS 0.00371
Exploits: 0 | References: 5

EUVD
added 2025/10/30 5:8 a.m. | 5 views

EUVD-2025-36898

A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

CVSS 7.3 | AI score 6.3 | EPSS 0.00273
Exploits: 0 | References: 3

Positive Technologies
added 2025/10/30 12:0 a.m. | 5 views

PT-2025-44485

Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 5.8.9. Description: The software is susceptible to a cross-site scripting (XSS) issue within the update checking feature. Insufficient validation or escaping of user-supplied input could allow an attacker to inject and...

CVSS 5.4 | AI score 6 | EPSS 0.00405
Exploits: 0 | References: 4

CNNVD
added 2025/10/30 12:0 a.m. | 4 views

Nagios XI Security Vulnerability

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 5.8.9, which stems from insufficient...

CVSS 5.4 | AI score 6 | EPSS 0.00405
Exploits: 0 | References: 2

CNNVD
added 2025/10/30 12:0 a.m. | 3 views

Red Hat Enterprise Linux Security Vulnerability

Red Hat Enterprise Linux is a Linux operating system for enterprise users from the American company Red Hat. A security vulnerability exists in Red Hat Enterprise Linux that stems from improper boundary checking in the XkbSetCompatMap function, which could result in an unsigned short integer...

CVSS 7.3 | AI score 6.8 | EPSS 0.00273
Exploits: 0 | References: 3

NVD
added 2025/10/29 11:16 p.m. | 5 views

CVE-2025-58187

Due to the design of the name constraint checking algorithm, the processing time of some inputs scales non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains...

CVSS 7.5 | EPSS 0.00384
Exploits: 0 | References: 5

SUSE CVE
added 2025/10/29 12:23 a.m. | 2 views

SUSE CVE-2025-62231

A flaw was identified in the X.Org X server's X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

CVSS 8.8 | AI score 6.5 | EPSS 0.00273
Exploits: 0 | References: 23

RedHat Linux
added 2025/10/27 7:3 p.m. | 2 views

kernel: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result(). If the ssid->datalen is more than IEEE80211_MAX_SSID_LEN (32) it would lead to memory corruption so add some bounds checking...

CVSS 7.8 | AI score 5.7 | EPSS 0.00144
Exploits: 0 | References: 5

RedHat Linux
added 2025/10/27 7:3 p.m. | 13 views

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 7.8 | AI score 6.8 | EPSS 0.00181
Exploits: 0 | References: 7

RedHat Linux
added 2025/10/27 9:51 a.m. | 6 views

kernel: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result(). If the ssid->datalen is more than IEEE80211_MAX_SSID_LEN (32) it would lead to memory corruption so add some bounds checking...

CVSS 7.8 | AI score 5.7 | EPSS 0.00144
Exploits: 0 | References: 5

RedHat Linux
added 2025/10/27 9:41 a.m. | 6 views

kernel: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result(). If the ssid->datalen is more than IEEE80211_MAX_SSID_LEN (32) it would lead to memory corruption so add some bounds checking...

CVSS 7.8 | AI score 5.7 | EPSS 0.00144
Exploits: 0 | References: 5

Amazon
added 2025/10/27 12:0 a.m. | 6 views

Important: kernel-livepatch-5.10.240-238.959

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed (CVE-2022-50500). In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use raw_smp_processor_id() instead of...

CVSS 7.8 | AI score 6.4 | EPSS 0.00181
Exploits: 0

CNNVD
added 2025/10/22 12:0 a.m. | 2 views

seffaflik Security Vulnerability

seffaflik is a Python library by the individual developer nurisensoy. A security vulnerability exists in seffaflik 0.0.9 and earlier versions, which stems from improperly set default permissions and a lack of symbolic link checking for the .kimlik and .seffaflik files, which could lead to information...

CVSS 7.7 | AI score 6.1 | EPSS 0.00135
Exploits: 0 | References: 4