40449 matches found
UBUNTU-CVE-2025-38004
In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcmop runtime updates The CAN broadcast manager CAN BCM can send a sequence of CAN frames via hrtimer. The content and also the length of the sequence can be changed resp reduced at runtime where the...
UBUNTU-CVE-2025-38003
In the Linux kernel, the following vulnerability has been resolved: can: bcm: add missing rcu read protection for procfs content When the procfs content is generated for a bcmop which is in the process to be removed the procfs output might show unreliable data UAF. As the removal of bcmop's is...
CVE-2025-38003 can: bcm: add missing rcu read protection for procfs content
In the Linux kernel, the following vulnerability has been resolved: can: bcm: add missing rcu read protection for procfs content When the procfs content is generated for a bcmop which is in the process to be removed the procfs output might show unreliable data UAF. As the removal of bcmop's is...
CVE-2025-38003
CVE-2025-38003 affects the Linux kernel: the bcm subsystem generates procfs content for bcm_op objects, and removal without proper rcu protection could expose use-after-free data. The patch adds missing rcu_read_lock() and ensures list entries are removed under RCU, addressing UAF in procfs outpu...
CVE-2025-38003 can: bcm: add missing rcu read protection for procfs content
In the Linux kernel, the following vulnerability has been resolved: can: bcm: add missing rcu read protection for procfs content When the procfs content is generated for a bcmop which is in the process to be removed the procfs output might show unreliable data UAF. As the removal of bcmop's is...
CVE-2025-38003
In the Linux kernel, the following vulnerability has been resolved: can: bcm: add missing rcu read protection for procfs content When the procfs content is generated for a bcmop which is in the process to be removed the procfs output might show unreliable data UAF. As the removal of bcmop's is...
CVE-2024-46941
SystemUI has an incorrect component protection setting, which allows access to specific information...
NanoZone: Scalable, Efficient, and Secure Memory Protection for Arm CCA
Arm Confidential Computing Architecture CCA currently isolates at the granularity of an entire Confidential Virtual Machine CVM, leaving intra-VM bugs such as Heartbleed unmitigated. The state-of-the-art narrows this to the process level, yet still cannot stop attacks that pivot within the same...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of rcu read protection, which could lead to unreliable data output...
[SECURITY] Fedora 42 Update: mod_security-2.9.9-1.fc42
ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks...
Empower Users and Protect Against GenAI Data Loss
When generative AI tools became widely available in late 2022, it wasn't just technologists who paid attention. Employees across all industries immediately recognized the potential of generative AI to boost productivity, streamline communication and accelerate work. Like so many waves of...
CVE-2025-49283
Cross-Site Request Forgery CSRF vulnerability in Matthias Nordwig Anti-spam, Spam protection, ReCaptcha for all forms and GDPR-compliant gdpr-compliant-recaptcha-for-all-forms allows Cross Site Request Forgery.This issue affects Anti-spam, Spam protection, ReCaptcha for all forms and...
CVE-2025-49283 WordPress Anti-spam, Spam protection, ReCaptcha for all forms and GDPR-compliant plugin <= 4.1.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Matthias Nordwig Anti-spam, Spam protection, ReCaptcha for all forms and GDPR-compliant gdpr-compliant-recaptcha-for-all-forms allows Cross Site Request Forgery.This issue affects Anti-spam, Spam protection, ReCaptcha for all forms and...
CVE-2025-2935 Anti-Spam: Spam Protection | Block Spam Users, Comments, Forms <= 2024.7 - Cross-Site Request Forgery to Multiple Administrative Actions
The Anti-Spam: Spam Protection | Block Spam Users, Comments, Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2024.7. This is due to missing or incorrect nonce validation in the 'ssoptionmaint.php' and 'ssuserfilterlist' files. This make...
CVE-2024-46941
SystemUI has an incorrect component protection setting, which allows access to specific information...
CVE-2024-46941 SystemUI component protection settings vulnerability
SystemUI has an incorrect component protection setting, which allows access to specific information...
CVE-2024-46941 SystemUI component protection settings vulnerability
SystemUI has an incorrect component protection setting, which allows access to specific information...
Cyber Security of Sensor Systems for State Sequence Estimation: an AI Approach
Sensor systems are extremely popular today and vulnerable to sensor data attacks. Due to possible devastating consequences, counteracting sensor data attacks is an extremely important topic, which has not seen sufficient study. This paper develops the first methods that accurately...
Vivo System UI 安全漏洞
Vivo System UI is a cell phone system from the Chinese company Vivo. A security vulnerability exists in Vivo System UI, which stems from improperly set component protection settings that could lead to information disclosure...
WordPress plugin Anti-Spam: Spam Protection | Block Spam Users, Comments, Forms 跨站请求伪造漏洞
WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Anti-Spam: Spam Protection | Block Spam Users,...