SourceCodester Online Food Ordering System 安全漏洞

The SourceCodester Online Food Ordering System is an open-source online ordering system developed by SourceCodester. Version 1.0 of the SourceCodester Online Food Ordering System has a security vulnerability. This vulnerability stems from the handling of the parameter ‘price’ in the ‘saveproduct’...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006727)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006727 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/srso: Add SRSO mitigation for Hygon processors Add mitigation for the speculative return stac...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006742)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006742 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: x86: use arrayindexnospec with indices that come from guest min and destid are...

PT-2026-31432

Name of the Vulnerable Software and Affected Versions: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4. Description: A denial of service vulnerability exists in React Server...

UBUNTU-CVE-2026-29181

OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.36.0 to 1.40.0, multi-value baggage: header extraction parses each header field-value independently and aggregates members across values. This allows an attacker to amplify cpu and allocations by sending many baggage: header lines...

XML Entity Expansion

fast-xml-parser is vulnerable to XML Entity Expansion. The vulnerability is due to missing enforcement of entity expansion limits for numeric and standard XML entities, which allows an attacker to supply crafted XML with excessive entity references to trigger high memory and CPU consumption leadi...

Linux Distros Unpatched Vulnerability : CVE-2026-23443

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix previous acpiprocessorerratapiix4 fix After commi f132e089fe89 ACPI:...

GHSA-788V-5PFP-93FF PocketMine-MP: JSON decoding of unlimited size large arrays/objects in ModalFormResponse Handling

Impact The server does not meaningfully limit the size of the JSON payload in ModalFormResponsePacket. This can be abused by an attacker to waste memory and CPU on an affected server, e.g. by sending arrays with millions of elements. The player must have a full session on the server i.e. spawned ...

USN-8152-1 linux-oem-6.17 vulnerabilities

It was discovered that some AMD Zen 5 processors supporting RDSEED instruction did not properly handle entropy, potentially resulting in the consumption of insufficiently random values. A local attacker could possibly use this issue to influence the values returned by the RDSEED instruction causi...

EUVD-2025-209241

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Incorrect Handling of a DL NAS Transport packet leads to a...

CVE-2025-57834

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 850, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 1680, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400, and Modem 5410. The absence of proper input validation leads to a...

CVE-2026-21380

CVE-2026-21380 involves memory corruption (use-after-free) in the DSP service when deprecated DMABUF IOCTL calls are used to manage video memory. Documents describe a local, low-privilege attack with no user interaction and high impact to confidentiality, integrity, and availability. Root cause i...

libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive

A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...

SAMSUNG多款产品 安全漏洞

SAMSUNG Exynos 980 and other products are manufactured by Samsung Electronics of South Korea. The SAMSUNG Exynos 980 is the first 5G-integrated SOC product, as well as the world’s first A77 architecture processor. The SAMSUNG Exynos 990 is a mobile processor. The SAMSUNG Exynos 850 is also a mobi...

Samsung多款产品 安全漏洞

SAMSUNG Mobile Processor and SAMSUNG Wearable Processor are both products of South Korean company Samsung. The SAMSUNG Mobile Processor is a series of mobile processors, while the SAMSUNG Wearable Processor is a series of wearable processors. Several Samsung products have security vulnerabilities...

CVE-2025-57834

CVE-2025-57834 affects Samsung Mobile Processor, Wearable Processor, and Modem lines (Exynos 980/850/990/1080/2100/1280/2200/1330/1380/1480/2400/1580/2500/1680/9110/W920/W930/W1000 and Modems 5123/5300/5400/5410). The issue is due to insufficient input validation, resulting in a Denial of Service...

CVE-2025-54324

CVE-2025-54324 affects Samsung NAS in multiple Exynos Wearable/Modem products. The issue is incorrect handling of a DL NAS Transport packet, leading to Denial of Service. No exploitation details or patch information are provided in the supplied documents; monitor Samsung security updates pages fo...

CVE-2025-57834

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 850, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 1680, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400, and Modem 5410. The absence of proper input validation leads to a...

SUSE CVE-2026-23443

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix previous acpiprocessorerratapiix4 fix After commi f132e089fe89 "ACPI: processor: Fix NULL-pointer dereference in acpiprocessorerratapiix4", device pointers may be dereferenced after dropping references to the...

EUVD-2026-18686

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix previous acpiprocessorerratapiix4 fix After commi f132e089fe89 "ACPI: processor: Fix NULL-pointer dereference in acpiprocessorerratapiix4", device pointers may be dereferenced after dropping references to the...