OPPO O+ Connect 安全漏洞

OPPO O+ Connect is a multi-device connectivity and data collaboration platform developed by OPPO Corporation in China. There is a security vulnerability in OPPO O+ Connect, which stems from the failure to verify the identity of the caller on the pipeline interface, potentially leading to an...

CVE-2025-40354

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: increase max link count and fix link-enc NULL pointer access why 1. dc-linksMAXLINKS array size smaller than actual requested. maxconnector + maxdpia + 4 virtual = 14. increase from 12 to 14. 2. hwinit access nul...

GHSA-285M-VHFQ-XX4H Elasticsearch Improper Handling of Exceptional Conditions

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

PT-2023-30154 · Unknown · Elasticsearch

Name of the Vulnerable Software and Affected Versions: Elasticsearch affected versions not specified Description: The issue arises from malformed scripts used in the script processor of an Ingest Pipeline, which can cause an Elasticsearch node to crash when calling the "Simulate Pipeline API"...

CVE-2023-37957

A cross-site request forgery CSRF vulnerability in Jenkins Pipeline restFul API Plugin 0.11 and earlier allows attackers to connect to an attacker-specified URL, capturing a newly generated JCLI token...