EUVD-2025-31004

Malicious code in bioql PyPI...

CVE-2025-21476

Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake...

CVE-2025-21476

Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake...

PT-2025-39266

Name of the Vulnerable Software and Affected Versions Versions prior to 2025 Description A memory corruption issue exists when parameters are passed to the Trusted Virtual Machine during the handshake process. Recommendations At the moment, there is no information about a newer version that...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improperly narrowed conversion in acpinfitctl, which could lead to invalid parameter passing...

pgAdmin 安全漏洞

pgAdmin is pgAdmin open source an open source management and development platform for the open source database PostgreSQL. A security vulnerability exists in pgAdmin versions prior to 4 9.2 that stems from insecurely passing parameters to the eval function, which could lead to remote code executi...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: sched: schmultiq: fix possible OOB write in multiqtune CVE-2024-36978 In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the nommu component incorrectly passing parameters to vmaiterprealloc when deleting vma entries, causing the...

CVE-2024-40957

In the Linux kernel, the following vulnerability has been resolved: seg6: fix parameter passing when calling NFHOOK in End.DX4 and End.DX6 behaviors inputactionenddx4 and inputactionenddx6 are called NFHOOK for PREROUTING hook, in PREROUTING hook, we should passing a valid indev, and a NULL outde...

CVE-2024-40957 seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors

In the Linux kernel, the following vulnerability has been resolved: seg6: fix parameter passing when calling NFHOOK in End.DX4 and End.DX6 behaviors inputactionenddx4 and inputactionenddx6 are called NFHOOK for PREROUTING hook, in PREROUTING hook, we should passing a valid indev, and a NULL outde...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel due to a parameter passing issue in the seg6 component when calling the NFHOOK function...

CVE-2023-40839

Tenda AC6 USAC6V1.0BRV15.03.05.16multiTD01.bin function 'subADF3C' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "subADF3C" function to execute commands...

CVE-2023-40837

Tenda AC6 USAC6V1.0BRV15.03.05.16multiTD01.bin function 'subADD50' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "subADD50" function to execute commands...

GHSA-G3M9-PR5M-4CVP Airflow Sqoop Provider RCE Vulnerability

Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via ‘sqoop import --connect’, obtain airflow server permissions, etc. The attacker needs to be logged...

CVE-2023-27604 Apache Airflow Sqoop Provider: Airflow Sqoop Provider RCE Vulnerability

Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via ‘sqoop import --connect’, obtain airflow server permissions, etc. The attacker needs to be logged...

SUSE CVE-2019-5824

Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Design/Logic Flaw

All versions of FileCloud prior to 21.3 are vulnerable to user enumeration. The vulnerability exists in the parameter "path" passing "/SHARED/". A malicious actor could identify the existence of users by requesting share information on specified share paths...

Embedded Crowd passes sensitive paramaters in the URL when adding a new or editing an existing user directory.

h3. Issue Summary While adding a new directory or editing an existing one the embedded crowd passes directoryId, xsrfTokenName and xsrfTokenValue parameters to the URL. h3. Environment Bitbucket 6.9.X, 7.4.X, 7.5.X, 7.6.X h3. Steps to Reproduce In Bitbucket navigate to Gear Icon User Directories;...

CVE-2019-5824

Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2019-5824

Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...