Invoking incorrect handling of HTML elements in foreign content in golang.org/x/net/html

...

CVE-2025-54324

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Incorrect Handling of a DL NAS Transport packet leads to a...

JeecgBoot 授权问题漏洞

JeecgBoot is a low-code development platform that fuses code generation and AI applications to help organizations rapidly achieve low-code development and build AI applications. JeecgBoot suffers from an authorization issue vulnerability, which stems from improper authorization of the parameter...

CVE-2025-26782

CVE-2025-26782 affects Samsung Exynos/Mobile Processor, Wearable Processor, and Modem (e.g., Exynos 980/990/850/1080/2100/1280/2200/1330/1380/1480/9110/W920/W930; Modem 5123/5300). Root cause: incorrect handling of RLC AM PDUs in the cellular stack. Impact: denial of service. Affected components ...

The vulnerability of the Vnet/IP SCADA system’s interface of Yokogawa CENTUM VP allows a intruder to trigger a service failure.

The vulnerability of the Vnet/IP SCADA system of Yokogawa CENTUM VP is related to the incorrect processing of parameter length discrepancies. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending specially crafted packets...

MGASA-2025-0096 Updated opensc packages fix security vulnerabilities

Heap buffer overflow in openpgp driver when generating key. CVE-2024-8443 Usage of uninitialized values in libopensc and pkcs15init. CVE-2024-45615 Uninitialized values after incorrect check or usage of apdu response values in libopensc. CVE-2024-45616 Uninitialized values after incorrect or...

The vulnerability of Windows Deployment Services allows a malicious actor to trigger a service failure.

The vulnerability of Windows Deployment Services for Windows operating systems is related to the incorrect handling of symbolic links before accessing the file. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2024-56638

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: incorrect percpu area handling under softirq Softirq can interrupt ongoing packet from process context that is walking over the percpu area that contains inner header offsets. Disable bh and perform three...

openSUSE Security Advisory (SUSE-SU-2024:3444-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Authorization Bypass

github.com/authzed/spicedb is vulnerable to Authorization Bypass. The vulnerability is due to incorrect handling of multiple caveats on the same indirect subject type. It allows an attacker to deny legitimate access, resulting in incorrect "no permission" responses when permissions should be...

GO-2023-1806 mx-chain-go does not treat invalid transaction with wrong username correctly in github.com/multiversx/mx-chain-go

mx-chain-go does not treat invalid transaction with wrong username correctly in github.com/multiversx/mx-chain-go...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.0 security update

Red Hat OpenShift Service Mesh Containers for 2.6.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

Moderate: Red Hat Security Advisory: Network Observability 1.6.1 for OpenShift

Network Observability 1.6 for Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

The vulnerability of the Windows Backup Service allows attackers to exploit their privileges.

The vulnerability of the Windows Backup Service in Microsoft Windows operating systems is related to incorrect handling of symbolic links before accessing the file. Exploiting this vulnerability can allow an attacker to increase their privileges...

Adversarial unsanitized input may cause MongoDB Rust Driver to issue unintended commands.

Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2...

RHEL 7 : podman (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - podman: Privilege escalation in API component CVE-2019-25067 - An incorrect handling of the supplementary...

RHEL 5 : others (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Tomcat/JBossWeb: request smuggling and limited DoS in ChunkedInputFilter CVE-2014-0227 - Apache Tomcat...

CVE-2021-47130

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix freeing unallocated p2pmem In case p2p device was found but the p2p pool is empty, the nvme target is still trying to free the sgl from the p2p pool instead of the regular sgl pool and causing a crash BUG is called...

Race condition

A vulnerability in the Layer 2 Ethernet services of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the line card network processor to reset, resulting in a denial of service DoS condition. This vulnerability is due to the incorrect handling of specific Ethernet...

BIT-MARIADB-2021-46658

savewindowfunctionvalues in MariaDB before 10.6.3 allows an application crash because of incorrect handling of withwindowfunc=true for a subquery...