19172 matches found
GHSA-JWMF-CHVC-RF92 vulnerabilities
Vulnerabilities for packages: gobuster, kubebuilder, opensearch-k8s-operator, velero-plugin-for-aws, logstash-exporter, gke-gcloud-auth-plugin, kafka-proxy, rancher-machine, kubernetes-csi-driver-hostpath, neuvector-dbgen, vault-k8s, terraform-provider-kubernetes, licenseclassifier, distribution,...
GHSA-9GCR-GP5F-JW27 vulnerabilities
Vulnerabilities for packages: contour-fips, rancher-helm, minio-object-browser-fips, amazon-k8s-cni-fips, kubescape-operator, cilium-certgen, bom, seaweedfs-operator, harbor-registry-fips, gatekeeper-fips, boring-registry, policy-controller-fips, cyberark-secrets-provider-for-k8s-fips,...
GHSA-CXQ7-XW9V-RCV3 vulnerabilities
Vulnerabilities for packages: contour-fips, rancher-helm, minio-object-browser-fips, amazon-k8s-cni-fips, kubescape-operator, cilium-certgen, bom, seaweedfs-operator, harbor-registry-fips, gatekeeper-fips, boring-registry, policy-controller-fips, cyberark-secrets-provider-for-k8s-fips,...
CVE-2025-58188 vulnerabilities
Vulnerabilities for packages: contour-fips, rancher-helm, minio-object-browser-fips, amazon-k8s-cni-fips, kubescape-operator, cilium-certgen, bom, seaweedfs-operator, harbor-registry-fips, gatekeeper-fips, boring-registry, policy-controller-fips, cyberark-secrets-provider-for-k8s-fips,...
CVE-2025-61724 vulnerabilities
Vulnerabilities for packages: contour-fips, rancher-helm, minio-object-browser-fips, amazon-k8s-cni-fips, kubescape-operator, cilium-certgen, bom, seaweedfs-operator, harbor-registry-fips, gatekeeper-fips, boring-registry, policy-controller-fips, cyberark-secrets-provider-for-k8s-fips,...
CVE-2025-58189 vulnerabilities
Vulnerabilities for packages: contour-fips, rancher-helm, minio-object-browser-fips, amazon-k8s-cni-fips, kubescape-operator, cilium-certgen, bom, seaweedfs-operator, harbor-registry-fips, gatekeeper-fips, boring-registry, policy-controller-fips, cyberark-secrets-provider-for-k8s-fips,...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early The creation of debugfs files is moved to a dedicated function, and it is ensured that these files are explicitly removed during vhcirelease, before the...
CVE-2021-4461
Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the enc parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a...
CVE-2025-23050
QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read or division by zero. This is fixed in 5.15.19, 6.5.9, and 6.8.2...
AZL-69557 CVE-2025-23050 affecting package qt5-qtconnectivity 5.14.2-2
QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read or division by zero. This is fixed in 5.15.19, 6.5.9, and 6.8.2...
UBUNTU-CVE-2025-23050
QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read or division by zero. This is fixed in 5.15.19, 6.5.9, and 6.8.2...
EUVD-2021-34712
Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the enc parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a...
Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Elevation of Privilege Vulnerabilities (CNVD-2025-29084)
The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are vulnerable to an elevation of privilege vulnerability that is caused by...
EUVD-2025-37272
QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read or division by zero. This is fixed in 5.15.19, 6.5.9, and 6.8.2...
Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Cross-Site Request Forgery Vulnerabilities (CNVD-2025-29095)
The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 suffer from a cross-site request forgery vulnerability that is caused by imprope...
CVE-2025-23050
QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read or division by zero. This is fixed in 5.15.19, 6.5.9, and 6.8.2...
Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4 安全漏洞
The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in the Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 that stems from an insufficient password...
CVE-2021-4461
Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the enc parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a...
CVE-2021-4461 Seeyon Zhiyuan OA Web Application System < 7.0 SP1 Authentication Bypass
Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the enc parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a...
CVE-2021-4461
CVE-2021-4461 affects Seeyon Zhiyuan OA Web Application System