243 matches found
kernel: crypto: algif_aead - Revert to operating out-of-place
A flaw was found in the Linux kernel's algifaead cryptographic algorithm interface. An incorrect in-place operation causes source and destination data mappings to differ during cryptographic processing. A low-privileged local attacker can exploit this flaw to corrupt the contents of sensitive...
kernel: Linux kernel: Denial of service and memory corruption in RDMA umad
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...
CVE-2026-3446
A flaw was found in the Python base64 module. When decoding base64 data using functions like base64.b64decode, the decoding process prematurely stops upon encountering the first padding character. This can result in incomplete data being processed, where any information following the initial...
CVE-2026-34778
A flaw was found in Electron, a framework for building desktop applications. A service worker running in a session could spoof reply messages on the internal Inter-Process Communication IPC channel. This vulnerability affects applications that have service workers registered and use the results o...
PT-2026-27226
OpenClaw before 2026.2.25 lacks durable replay state for Nextcloud Talk webhook events, allowing valid signed requests to be replayed. Attackers can capture and replay previously valid signed webhook requests to trigger duplicate inbound processing and cause integrity or availability issues...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.2.25 contained security vulnerabilities. These vulnerabilities stemmed from a lack of persistent replay protection for Nextcloud Talk webhook events. This allowed attackers to...
CVE-2025-52648
HCL AION is affected by CVE-2025-52648: offering images are not digitally signed, allowing unverified or tampered images which may cause integrity issues or unintended system behavior. Root cause: lack of image signing. No remediation details provided in the connected documents.
CVE-2026-1286
CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity and potential remote code execution on workstation when an admin authenticated user opens a malicious project file...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. CVE-2025-12781: inadequate parameter check can cause data integrity issues bsc1257108. CVE-2025-15282:...
CVE-2011-0843
Unspecified vulnerability in the Siebel CRM Core component in Oracle Siebel CRM 7.8.2, 8.0.0, and 8.1.1 allows remote attackers to affect integrity via unknown vectors related to Globalization - Automotive...
CVE-2011-0795
Unspecified vulnerability in the Single Sign On component in Oracle Fusion Middleware 10.1.2.3 allows remote authenticated users to affect integrity via unknown vectors related to Administration and Monitoring...
CVE-2025-23187
Due to missing authorization check in an RFC enabled function module in transaction SDCCN, an unauthenticated attacker could generate technical meta-data. This leads to a low impact on integrity. There is no impact on confidentiality or availability...
CVE-2025-12782
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.9.4. This is due to the plugin not properly verifying a user's authorization in the disable function. This makes it possible for authenticated attackers,...
HSEC-2024-0008 Sign extension error in the PPC64le FFI
Sign extension error in the PPC64le FFI Numeric arguments of FFI call on the PPC64le backend may result in incorrect runtime values. For the most part, this bug only causes availability and data integrity issues. However, in some circumstances, it may result in other, more complicated security...
HSEC-2024-0006 fromIntegral: conversion error
fromIntegral: conversion error fromIntegral may result in coercion errors when used with optimization flags -O1 or -O2 in the following situation: - Converting negative Int to Natural does not throw an arithmetic underflow error - Converting large Integer greater than 2^64 to Natural overflow. Fo...
HSEC-2024-0007 Sign extension error in the AArch64 NCG
Sign extension error in the AArch64 NCG Arithmetic operations may result in incorrect runtime results on the native aarch64 backend. For the most part, this bug only causes availability and data integrity issues. However, in some circumstances, it may result in other, more complicated security...
EUVD-2016-0577
Malware in sbrugna...
EUVD-2014-6471
Malware in sbrugna...
EUVD-2011-3484
Malware in sbrugna...
EUVD-2016-4483
Malware in sbrugna...