18 matches found
CVE-2025-71111
In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Convert macros to functions to avoid TOCTOU The macro FANFROMREG evaluates its arguments multiple times. When used in lockless contexts involving shared driver data, this leads to Time-of-Check to Time-of-Use TOCTO...
CVE-2025-71111
In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Convert macros to functions to avoid TOCTOU The macro FANFROMREG evaluates its arguments multiple times. When used in lockless contexts involving shared driver data, this leads to Time-of-Check to Time-of-Use TOCTO...
CVE-2025-71111
In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Convert macros to functions to avoid TOCTOU The macro FANFROMREG evaluates its arguments multiple times. When used in lockless contexts involving shared driver data, this leads to Time-of-Check to Time-of-Use TOCTO...
CVE-2025-71111
CVE-2025-71111 (Linux kernel) : A TOCTOU race in hwmon w83791d caused by a macro, FAN_FROM_REG, evaluating arguments multiple times in lockless contexts, potentially triggering divide-by-zero. The fix converts the macro to a static function (arguments evaluated once, by-value). Additionally, stor...
CVE-2025-71111
In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Convert macros to functions to avoid TOCTOU The macro FANFROMREG evaluates its arguments multiple times. When used in lockless contexts involving shared driver data, this leads to Time-of-Check to Time-of-Use TOCTO...
CVE-2025-71111 hwmon: (w83791d) Convert macros to functions to avoid TOCTOU
In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Convert macros to functions to avoid TOCTOU The macro FANFROMREG evaluates its arguments multiple times. When used in lockless contexts involving shared driver data, this leads to Time-of-Check to Time-of-Use TOCTO...
CVE-2025-71111 hwmon: (w83791d) Convert macros to functions to avoid TOCTOU
In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Convert macros to functions to avoid TOCTOU The macro FANFROMREG evaluates its arguments multiple times. When used in lockless contexts involving shared driver data, this leads to Time-of-Check to Time-of-Use TOCTO...
EUVD-2016-6082
Malware in sbrugna...
EUVD-2021-2010
Malware in sbrugna...
UBUNTU-CVE-2021-23520
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...
libsolv 缓冲区错误漏洞
libsolv is a library for checking package dependencies. libsolv versions prior to 0.7.17 have a buffer overflow vulnerability in the function pruneto in src/policy.c, which can be exploited by attackers to cause a denial of service...
CVE-2021-23429 Denial of Service (DoS)
All versions of package transpile are vulnerable to Denial of Service DoS due to a lack of input sanitization or whitelisting, coupled with improper exception handling in the .to function...
transpile 路径遍历漏洞
transpile is an open source package that converts JavaScript modules from one format to another. transpile suffers from a security vulnerability that stems from the application's lack of input sanitization or whitelisting, combined with poor exception handling in the .to function, which makes it...
Denial of Service (DoS)
Overview transpile is a Transpiles JavaScript modules from one format to another. Affected versions of this package are vulnerable to Denial of Service DoS due to a lack of input sanitization or whitelisting, coupled with improper exception handling in the .to function. PoC Base code: var transpi...
Amazon Linux 2 : libxml2 (ALAS-2020-1466)
The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1466 advisory. A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval function of libxml2 through 2.9.8 when...
EulerOS 2.0 SP3 : libxml2 (EulerOS-SA-2018-1156)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial ...
Design/Logic Flaw
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function...
CVE-2016-5131
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function...