630 matches found

CNNVD
added 2025/04/24 12:0 a.m. · 3 views

GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) Security Vulnerability

GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab Enterprise Edition (EE) and GitLab Community...

7.5 CVSS · 6.1 AI score · 0.00398 EPSS
Exploits 0 · References 3
Positive Technologies
added 2025/04/23 12:0 a.m. · 6 views

PT-2025-17705 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.7 through 17.9.7; GitLab CE/EE versions 17.10 through 17.10.5; GitLab CE/EE versions 17.11 through 17.11.1. Description: An issue has been discovered affecting service availability via issue preview in GitLab CE/EE. The...

7.5 CVSS · 6.1 AI score · 0.00398 EPSS
Exploits 0 · References 15
NVD
added 2025/04/17 10:15 a.m. · 21 views

CVE-2025-2197

Browser is affected by type confusion vulnerability, successful exploitation of this vulnerability may affect service availability...

4.3 CVSS · 0.00239 EPSS
Exploits 0 · References 1
OSV
added 2025/04/17 10:15 a.m. · 3 views

CVE-2025-2197

Browser is affected by type confusion vulnerability, successful exploitation of this vulnerability may affect service availability...

4.3 CVSS · 5.8 AI score · 0.00239 EPSS
Exploits 0 · References 1
Cvelist
added 2025/04/17 9:25 a.m. · 27 views

CVE-2025-2197 Type Confusion Vulnerability in Browser

Browser is affected by type confusion vulnerability, successful exploitation of this vulnerability may affect service availability...

4.3 CVSS · 0.00239 EPSS
Exploits 0 · References 1
Vulnrichment
added 2025/04/17 9:25 a.m. · 7 views

CVE-2025-2197 Type Confusion Vulnerability in Browser

Browser is affected by type confusion vulnerability, successful exploitation of this vulnerability may affect service availability...

4.3 CVSS · 4.7 AI score · 0.00239 EPSS
Exploits 0 · References 1
CVE
added 2025/04/17 9:25 a.m. · 61 views

CVE-2025-2197

CVE-2025-2197 is described across multiple sources as a type-confusion vulnerability in a Browser affecting service availability. Connected documents reference HONOR Browser in CNNVD and Red Hat entries, but do not provide concrete technical details such as affected versions, root cause specifics...

4.3 CVSS · 4.7 AI score · 0.00239 EPSS
Exploits 0 · References 1 · Affected Software 1
CNNVD
added 2025/04/17 12:0 a.m. · 4 views

HONOR Browser Security Vulnerability

HONOR Browser is a mobile browser program from China Glory HONOR. A security vulnerability exists in HONOR Browser that stems from a type confusion vulnerability that could affect service availability...

4.3 CVSS · 6.6 AI score · 0.00239 EPSS
Exploits 0 · References 1
Positive Technologies
added 2025/04/17 12:0 a.m. · 3 views

PT-2025-16946 · Browsers · Browsers

Name of the Vulnerable Software and Affected Versions: Browser (affected versions not specified). Description: The Browser is affected by a type confusion vulnerability. Successful exploitation of this vulnerability may affect service availability. Recommendations: At the moment, there is no...

4.3 CVSS · 6.2 AI score · 0.00239 EPSS
Exploits 0 · References 7
BDU FSTEC
added 2025/04/17 12:0 a.m. · 6 views

The vulnerability of the sock_map_lookup_sys() function in the net/core/sock_map.c module of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the sock_map_lookup_sys() function in the net/core/sock_map.c module of the Linux kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

7 CVSS · 6.9 AI score · 0.00173 EPSS
Exploits 0 · References 17 · Affected Software 7
BDU FSTEC
added 2025/04/15 12:0 a.m. · 7 views

The vulnerability of the cifs_strndup_from_utf16() function in the /fs/smb/client/reparse.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cifs_strndup_from_utf16() function in the /fs/smb/client/reparse.c module of the Linux kernel involves copying buffers without checking their size, a classic buffer overflow attack. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

7.8 CVSS · 7 AI score · 0.00333 EPSS
Exploits 0 · References 29 · Affected Software 9
BDU FSTEC
added 2025/04/07 12:0 a.m. · 3 views

The vulnerability of the SIEM systems’ load testing tool, Kraken Stress Testing Toolkit, arises from the improper use of X-Content-Type-Options headers. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the SIEM systems’ load testing tools, such as the Kraken Stress Testing Toolkit, is related to the improper use of X-Content-Type-Options headers for protection mechanisms. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and...

7.2 CVSS · 5.5 AI score
Exploits 0 · References 1 · Affected Software 1
BDU FSTEC
added 2025/03/24 12:0 a.m. · 3 views

The vulnerability of the nfs4_state_shutdown_net() function in the fs/nfsd/nfs4state.c module of the nfsd component of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the nfs4_state_shutdown_net() function in the fs/nfsd/nfs4state.c module of the nfsd component of the Linux operating system is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

7.8 CVSS · 6.8 AI score · 0.00233 EPSS
Exploits 0 · References 26 · Affected Software 7
CNVD
added 2025/03/11 12:0 a.m. · 8 views

Open5GS Denial of Service Vulnerability (CNVD-2025-08797)

Open5GS is an open source implementation in C of 5G Core and EPC, the core network of the LTE/NR network. Open5GS suffers from a denial-of-service vulnerability that results in a network outage. An attacker can exploit the vulnerability...

7.5 CVSS · 6.6 AI score · 0.00749 EPSS
Exploits 1 · References 1
NVD
added 2025/02/14 8:15 p.m. · 17 views

CVE-2025-25290

@octokit/request sends parameterized requests to GitHub’s APIs with sensible defaults in browsers and Node. Starting in version 1.0.0 and prior to versions 9.2.1 and 8.4.1, the regular expression /<([^>]+)>; rel="deprecation"/ used to match the link header in HTTP responses is vulnerable to a ReDoS (Regul...

5.3 CVSS · 0.00729 EPSS
Exploits 0 · References 6
Vulnrichment
added 2025/02/14 7:37 p.m. · 12 views

CVE-2025-25290 @octokit/request has a Regular Expression in fetchWrapper that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

@octokit/request sends parameterized requests to GitHub’s APIs with sensible defaults in browsers and Node. Starting in version 1.0.0 and prior to versions 9.2.1 and 8.4.1, the regular expression /<([^>]+)>; rel="deprecation"/ used to match the link header in HTTP responses is vulnerable to a ReDoS (Regul...

5.3 CVSS · 6.3 AI score · 0.00729 EPSS
Exploits 0 · References 6
OSV
added 2025/02/14 7:37 p.m. · 11 views

CVE-2025-25290 @octokit/request has a Regular Expression in fetchWrapper that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

@octokit/request sends parameterized requests to GitHub’s APIs with sensible defaults in browsers and Node. Starting in version 1.0.0 and prior to versions 9.2.1 and 8.4.1, the regular expression /<([^>]+)>; rel="deprecation"/ used to match the link header in HTTP responses is vulnerable to a ReDoS (Regul...

5.3 CVSS · 6.4 AI score · 0.00729 EPSS
Exploits 0 · References 8
CVE
added 2025/02/14 7:37 p.m. · 309 views

CVE-2025-25290

CVE-2025-25290 affects Octokit’s request.js: the code path that parses HTTP Link headers uses an unbounded RegExp (/<([^>]+)>; rel="deprecation"/) to match deprecation links. This enables a ReDoS (Regular Expression Denial of Service) by crafted link headers, causing high CPU use and potential serv...

5.3 CVSS · 6.3 AI score · 0.00729 EPSS
Exploits 0 · References 6
Github Security Blog
added 2025/02/14 6:0 p.m. · 15 views

@octokit/request has a Regular Expression in fetchWrapper that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

Summary: The regular expression /<([^>]+)>; rel="deprecation"/ used to match the link header in HTTP responses is vulnerable to a ReDoS (Regular Expression Denial of Service) attack. This vulnerability arises due to the unbounded nature of the regex's matching behavior, which can lead to catastrophic...

5.3 CVSS · 6.8 AI score · 0.00729 EPSS
Exploits 0 · References 8 · Affected Software 1
RedhatCVE
added 2025/02/05 1:39 p.m. · 7 views

CVE-2020-26821

SAP Solution Manager JAVA stack, version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the SVG Converter Service; this has an impact on the integrity and availability of the service...

10 CVSS · 7 AI score · 0.0134 EPSS
Exploits 0 · References 4