495 matches found
USN-7608-7: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Memory management; - Netfilter; - Network traffic control; CVE-2025-37890...
USN-7671-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ACPI drivers; - GPU drivers; - SMB network file system; - Memory management; - Netfilter; - Network traffic control...
CVE-2025-3225
An XML Entity Expansion vulnerability, also known as a 'billion laughs' attack, exists in the sitemap parser of the run-llama/llamaindex repository, specifically affecting version v0.12.21. This vulnerability allows an attacker to supply a malicious Sitemap XML, leading to a Denial of Service DoS...
CVE-2025-3225 XML Entity Expansion vulnerability in run-llama/llama_index
An XML Entity Expansion vulnerability, also known as a 'billion laughs' attack, exists in the sitemap parser of the run-llama/llamaindex repository, specifically affecting version v0.12.21. This vulnerability allows an attacker to supply a malicious Sitemap XML, leading to a Denial of Service DoS...
CVE-2025-52887 cpp-httplib has unlimited number of http header fields, which causes memory leak
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In version 0.21.0, when many http headers fields are passed in, the library does not limit the number of headers, and the memory associated with the headers will not be released when the connection is disconnected...
Denial Of Service (DoS)
Liferay Portal is vulnerable to Denial Of Service DoS. The vulnerability is due to unrestricted saving of request parameters in the HTTP session, which allows remote attackers to consume system memory via crafted HTTP requests...
GHSA-MF3R-6M25-3867 Liferay Portal SessionClicks does not restrict the saving of request parameters in the HTTP session
SessionClicks in Liferay Portal 7.0.0 through 7.4.3.21, and Liferay DXP 7.4 GA through update 9, 7.3 GA through update 25, and older unsupported versions does not restrict the saving of request parameters in the HTTP session, which allows remote attackers to consume system memory leading to...
Liferay Portal SessionClicks does not restrict the saving of request parameters in the HTTP session
SessionClicks in Liferay Portal 7.0.0 through 7.4.3.21, and Liferay DXP 7.4 GA through update 9, 7.3 GA through update 25, and older unsupported versions does not restrict the saving of request parameters in the HTTP session, which allows remote attackers to consume system memory leading to...
CVE-2025-3526
SessionClicks in Liferay Portal 7.0.0 through 7.4.3.21, and Liferay DXP 7.4 GA through update 9, 7.3 GA through update 25, and older unsupported versions does not restrict the saving of request parameters in the HTTP session, which allows remote attackers to consume system memory leading to...
PT-2025-25556
Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.0.0 through 7.4.3.21 Liferay DXP versions 7.4 GA through update 9 Liferay DXP versions 7.3 GA through update 25 Liferay DXP older unsupported versions Description The issue allows remote attackers to consume system...
CVE-2023-48010
STMicroelectronics SPC58 is vulnerable to Missing Protection Mechanism for Alternate Hardware Interface. Code running as Supervisor on the SPC58 PowerPC microcontrollers may disable the System Memory Protection Unit and gain unabridged read/write access to protected assets...
linux-firmware security update
An update is available for linux-firmware. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The linux-firmware packages contain all of the firmware files that are...
Denial Of Service (DoS)
XGrammar is vulnerable to Denial Of Service DoS. The vulnerability is due to unbounded in-memory caching of compiled grammars, allows an attacker to exhaust system memory due to unbounded in-memory caching of compiled grammars...
Linux Kernel Out-of-Bounds Access Vulnerability
Linux Kernel contains an out-of-bounds access vulnerability in the USB-audio driver that allows an attacker with physical access to the system to use a malicious USB device to potentially manipulate system memory, escalate privileges, or execute arbitrary code...
SUSE-SU-2025:20240-1 Security update for gstreamer
This update for gstreamer fixes the following issues: - CVE-2024-47606: avoid integer overflow when allocating sysmem bsc1234449...
Linux Distros Unpatched Vulnerability : CVE-2024-35995
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ACPI: CPPC: Use accesswidth over bitwidth for system memory accesses To align with ACPI 6.3+, since bitwidth can be any 8-bit value, it cannot be depended on to...
Linux Distros Unpatched Vulnerability : CVE-2020-19726
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of...
Linux Distros Unpatched Vulnerability : CVE-2020-14381
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creati...
Denial Of Service (DoS)
libming.so is vulnerable to Denial Of Service DoS. The vulnerability is due to a memory leak in the parseSWFFILTERLIST function in util/parser.c and by improper memory management when processing crafted SWF files, allowing attackers to exhaust system memory and trigger a denial of service...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from arm-smmu-v3 not checking the return value of platformgetresource, which could lead to a null pointer dereference...