9044 matches found

CNNVD
added 2026/02/20 12:0 a.m. (7 views)

GIMP security vulnerability

GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a security vulnerability that stems from improper memory initialization during the parsing of PGM files, which may lead to remote code execution...

CVSS 7.8, AI score 7.4, EPSS 0.0055
Exploits: 0, References: 2

CVE
added 2026/02/19 3:51 p.m. (13 views)

CVE-2026-25998

strongMan (the management interface for strongSwan) is vulnerable in versions prior to 0.2.0 due to improper encryption of stored credentials in the database. The software used AES-CTR with a global database key and a single IV for all fields, enabling an attacker with database access to recover ...

CVSS 8.7, AI score 5.7, EPSS 0.00309
Exploits: 0, References: 1, Affected Software: 1

CNNVD
added 2026/02/19 12:0 a.m. (7 views)

strongMan security vulnerability

strongMan is an API developed by strongSwan. Versions of strongMan prior to 0.2.0 contained a security vulnerability. This vulnerability stemmed from the lack of a separate initialization vector when encrypting database fields, which could lead to credential leakage...

CVSS 8.7, AI score 6, EPSS 0.00309
Exploits: 0, References: 1

Broadcom
added 2026/02/19 12:0 a.m. (17 views)

OpenSSL Stack buffer overflow in CMS AuthEnvelopedData parsing

Brocade Security has become aware of a stack buffer overflow that could lead to a crash, causing Denial of Service, or potentially remote code execution. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an...

CVSS 8.8, AI score 6.3, EPSS 0.45854
Exploits: 7

Snyk
added 2026/02/18 10:37 p.m. (2 views)

Improper Initialization

Overview: Affected versions of this package are vulnerable to Improper Initialization via the MultiScalarMult function when the receiver is not properly initialized. An attacker can cause invalid results or undefined behavior by invoking this function on an uninitialized or non-identity receiver...

CVSS 6.5, AI score 5.5, EPSS 0.00366
Exploits: 0, References: 2

Snyk
added 2026/02/18 10:37 p.m. (3 views)

Improper Initialization

Overview: Affected versions of this package are vulnerable to Improper Initialization via the MultiScalarMult function when the receiver is not properly initialized. An attacker can cause invalid results or undefined behavior by invoking this function on an uninitialized or non-identity receiver...

CVSS 6.5, AI score 5.5, EPSS 0.00366
Exploits: 0, References: 2

RedhatCVE
added 2026/02/18 7:30 p.m. (6 views)

CVE-2026-2617

A vulnerability was found in Beetel 777VR1 up to 01.00.09. This affects an unknown function of the component Telnet Service/SSH Service. The manipulation results in insecure default initialization of resource. The attack can only be performed from the local network. The exploit has been made publ...

CVSS 8.8, AI score 5.2, EPSS 0.00636
Exploits: 1, References: 1

NVD
added 2026/02/18 4:22 p.m. (13 views)

CVE-2025-71234

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add. The driver does not set hw->sta_data_size, which causes mac80211 to allocate insufficient space for driver private station data in sta_info_alloc. When rtl8xxxu_sta_add accesses...

CVSS 7.8, EPSS 0.0012
Exploits: 0, References: 4

Cvelist
added 2026/02/18 2:53 p.m. (22 views)

CVE-2025-71234 wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add. The driver does not set hw->sta_data_size, which causes mac80211 to allocate insufficient space for driver private station data in sta_info_alloc. When rtl8xxxu_sta_add accesses...

EPSS 0.0012
Exploits: 0, References: 4

CVE
added 2026/02/18 2:53 p.m. (18 views)

CVE-2025-71234

CVE-2025-71234: Linux kernel rtl8xxxu slab-out-of-bounds in rtl8xxxu_sta_add fixed by setting hw->sta_data_size to sizeof(struct rtl8xxxu_sta_info) during probe to correctly allocate per-station data. Issue caused mac80211 to access sta->drv_priv beyond allocated space; KASAN showed a slab-...

CVSS 7.8, AI score 5.3, EPSS 0.0012
Exploits: 0, References: 4, Affected Software: 1

OSV
added 2026/02/18 2:53 p.m. (4 views)

CVE-2025-71234 wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add. The driver does not set hw->sta_data_size, which causes mac80211 to allocate insufficient space for driver private station data in sta_info_alloc. When rtl8xxxu_sta_add accesses...

CVSS 7.8, AI score 5.3, EPSS 0.0012
Exploits: 0, References: 7

OSV
added 2026/02/18 2:21 p.m. (7 views)

CVE-2026-23218 gpio: loongson-64bit: Fix incorrect NULL check after devm_kcalloc()

In the Linux kernel, the following vulnerability has been resolved: gpio: loongson-64bit: Fix incorrect NULL check after devm_kcalloc(). Fix incorrect NULL check in loongson_gpio_init_irqchip(). The function checks chip->parent instead of chip->irq.parents...

CVSS 5.5, AI score 5.2, EPSS 0.001
Exploits: 0, References: 5

SUSE CVE
added 2026/02/18 12:25 a.m. (1 view)

SUSE CVE-2026-23123

In the Linux kernel, the following vulnerability has been resolved: interconnect: debugfs: initialize src_node and dst_node to empty strings. The debugfs_create_str() API assumes that the string pointer is either NULL or points to valid kmalloc memory. Leaving the pointer uninitialized can cause problem...

CVSS 5.5, AI score 5.7, EPSS 0.00119
Exploits: 0, References: 7

Positive Technologies
added 2026/02/18 12:0 a.m. (4 views)

PT-2026-20533

FileOptimizer 14.00.2524 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the FileOptimizer32.ini configuration file. Attackers can overwrite the TempDirectory parameter with a 5000-character buffer to cause the application to crash when...

CVSS 8.7, AI score 5.7, EPSS 0.00384
Exploits: 0, References: 5

OSV
added 2026/02/17 4:20 p.m. (4 views)

CVE-2026-2617

A vulnerability was found in Beetel 777VR1 up to 01.00.09. This affects an unknown function of the component Telnet Service/SSH Service. The manipulation results in insecure default initialization of resource. The attack can only be performed from the local network. The exploit has been made publ...

CVSS 8.8, AI score 5.2, EPSS 0.00636
Exploits: 1, References: 6

NVD
added 2026/02/17 4:20 p.m. (5 views)

CVE-2026-2617

A vulnerability was found in Beetel 777VR1 up to 01.00.09. This affects an unknown function of the component Telnet Service/SSH Service. The manipulation results in insecure default initialization of resource. The attack can only be performed from the local network. The exploit has been made publ...

CVSS 8.8, EPSS 0.00636
Exploits: 1, References: 6

Cvelist
added 2026/02/17 3:32 p.m. (26 views)

CVE-2026-2617 Beetel 777VR1 Telnet Service/SSH Service insecure default initialization of resource

A vulnerability was found in Beetel 777VR1 up to 01.00.09. This affects an unknown function of the component Telnet Service/SSH Service. The manipulation results in insecure default initialization of resource. The attack can only be performed from the local network. The exploit has been made publ...

CVSS 6.3, EPSS 0.00636
Exploits: 1, References: 6

Vulnrichment
added 2026/02/17 3:32 p.m. (5 views)

CVE-2026-2617 Beetel 777VR1 Telnet Service/SSH Service insecure default initialization of resource

A vulnerability was found in Beetel 777VR1 up to 01.00.09. This affects an unknown function of the component Telnet Service/SSH Service. The manipulation results in insecure default initialization of resource. The attack can only be performed from the local network. The exploit has been made publ...

CVSS 6.3, AI score 5.2, EPSS 0.00636
Exploits: 1, References: 6

CVE
added 2026/02/17 3:32 p.m. (12 views)

CVE-2026-2617

CVE-2026-2617 affects Beetel 777VR1 up to version 01.00.09, with a vulnerability in the Telnet Service/SSH Service causing insecure default initialization of a resource. Impact details in the connected sources indicate the issue is exploitable from the local network, and exploitation has been pub...

CVSS 8.8, AI score 5.2, EPSS 0.00636
Exploits: 1, References: 6, Affected Software: 1

OSV
added 2026/02/17 2:3 p.m. (10 views)

USN-8028-3 linux-realtime, linux-raspi-realtime vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...

CVSS 9.8, AI score 6.8, EPSS 0.09072
Exploits: 8, References: 754