5828 matches found
SUSE CVE-2025-22048
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Don't override subprog's return value The verifier test calls: div by 0 in subprog triggers a panic at the ld.bu instruction. The ld.bu insn is trying to load byte from memory address returned by the subprog. The...
Malicious code in talsec-react-native-security-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68ab8661116d9ec30b2582ba0a9547684e8ad10024bae79f2b4094e5ea0937d3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3262 Malicious code in talsec-react-native-security-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68ab8661116d9ec30b2582ba0a9547684e8ad10024bae79f2b4094e5ea0937d3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-1566
DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions...
DEBIAN-CVE-2025-22105
In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning1: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp obj afxdpkern.o se...
CVE-2025-22105
In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning1: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp obj afxdpkern.o se...
DEBIAN-CVE-2025-22048
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Don't override subprog's return value The verifier test calls: div by 0 in subprog triggers a panic at the ld.bu instruction. The ld.bu insn is trying to load byte from memory address returned by the subprog. The...
UBUNTU-CVE-2025-22048
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Don't override subprog's return value The verifier test calls: div by 0 in subprog triggers a panic at the ld.bu instruction. The ld.bu insn is trying to load byte from memory address returned by the subprog. The...
Vulnerabilities fixed in Oracle Communications
Oracle has fixed several vulnerabilities in Oracle Communications products, including Cloud Native Core and Policy Management. The vulnerabilities in Oracle Communications products allow unauthenticated attackers to gain unauthorized access to sensitive data and can lead to denial-of-service (DoS)...
WordPress plugin Booking and Rental Manager security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin hockeydata LOS security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
Vulnerability of the radeon_fp_native_mode() function in the drivers/gpu/drm/radeon/radeon_connectors.c file – This driver provides support for Direct Rendering Infrastructure (DRI) in Linux graphics cards from the Radeon series. This vulnerability allows attackers to cause system failures.
Vulnerability of the radeon_fp_native_mode function in the drivers/gpu/drm/radeon/radeon_connectors.c file – The driver that supports Direct Rendering Infrastructure (DRI) for Linux graphics cards related to the Radeon GPU is vulnerable due to a NULL pointer dereferencing issue. Exploiting this...
hdf5: multiple CVEs
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HGread in H5HG.c called from H5VLnativeblobget in H5VLnativeblob.c, resulting in the corruption of the instruction pointer...
hdf5: multiple CVEs
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Tgetnativetype in H5Tnative.c, resulting in the corruption of the instruction pointer...
Malicious code in native-bottom-sheet (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5711622e2e816e2ae9f09b95daaec1ec3a4d06831cc5c627ed897fbf2c72ee2b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3173 Malicious code in native-bottom-sheet (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5711622e2e816e2ae9f09b95daaec1ec3a4d06831cc5c627ed897fbf2c72ee2b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Have We Reached a Distroless Tipping Point?
There's a virtuous cycle in technology that pushes the boundaries of what's being built and how it's being used. A new technology development emerges and captures the world's attention. People start experimenting and discover novel applications, use cases, and approaches to maximize the...
DoS (Denial of Service) io.netty:netty-handler Dependency in Confluence Data Center and Server
This High severity io.netty:netty-handler Dependency vulnerability was introduced in versions 7.19 of Confluence Data Center and Server. This io.netty:netty-handler Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...
The vulnerability of the BmpInput::read_native_scanline() function in the src/bmp.imageio/bmpinput.cpp module of the OpenImageIO library allows a hacker to cause a service failure.
The vulnerability of the BmpInput::read_native_scanline function in the src/bmp.imageio/bmpinput.cpp module of the OpenImageIO library is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the TIFFInput::read_native_tile() function in the src/tiff.imageio/tiffinput.cpp module of the OpenImageIO library allows an attacker to cause a service failure.
The vulnerability of the TIFFInput::read_native_tile function in the src/tiff.imageio/tiffinput.cpp module of the OpenImageIO library is related to improper memory allocation. Exploiting this vulnerability may allow an attacker to cause a service failure...