6765 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from histogram values not allowing certain modifiers...
DEBIAN-CVE-2025-37767
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevent division by zero The user can set any speed value. If speed is greater than UINTMAX/8, division by zero is possible. Found by Linux Verification Center linuxtesting.org with SVACE...
CVE-2025-37767 drm/amd/pm: Prevent division by zero
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevent division by zero The user can set any speed value. If speed is greater than UINTMAX/8, division by zero is possible. Found by Linux Verification Center linuxtesting.org with SVACE...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper msg-req tlv length checking in the tipc driver, which could lead to uninitialized value issues...
ghostscript: Buffer Overflow in Ghostscript PDF XRef Stream Handling
A flaw was found in Artifex Ghostscript's PDF XRef stream handling. This vulnerability allows a buffer overflow via crafted values in the W array of a PDF XRef stream...
Medium: libreoffice
Issue Overview: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal. An attacker can write to arbitrary locations, albeit suffixed with ".ttf", by supplying a file in a format that support...
ZTE GoldenDB 安全漏洞
ZTE GoldenDB is a financial-grade transactional distributed database from China's ZTE Corporation ZTE. It is used in finance, government and enterprise, telecom and other industries to provide highly available data services. An input validation vulnerability exists in ZTE GoldenDB, which can be...
WordPress plugin Anps Theme plugin 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
SUSE CVE-2025-23131
In the Linux kernel, the following vulnerability has been resolved: dlm: prevent NPD when writing a positive value to eventdone douevent returns the value written to eventdone. In case it is a positive value, newlockspace would undo all the work, and lockspace would not be set. dlmnewlockspace,...
CLSA-2025-1745530034 Fix CVE(s): CVE-2024-7592
SECURITY UPDATE: Quadratic complexity, resulting in excess CPU while parsing - debian/patches/CVE-2024-7592.patch: fix quadratic complexity in parsing "-quoted cookie values with backslashes - CVE-2024-7592...
AZL-61615 CVE-2025-46420 affecting package libsoup for versions less than 3.4.4-6
A flaw was found in libsoup. It is vulnerable to memory leaks in the soupheaderparsequalitylist function when parsing a quality list that contains elements with all zeroes...
SUSE CVE-2025-46420
A flaw was found in libsoup. It is vulnerable to memory leaks in the soupheaderparsequalitylist function when parsing a quality list that contains elements with all zeroes...
Cross-site Scripting (XSS)
golang.org/x/net is vulnerable to improper parsing logic. The vulnerability is due to incorrect tag interpretation in unquoted attribute values ending with a solidus / being mistakenly marked as self-closing, especially in foreign content like or . which allows attackers to exploit content in the...
CVE-2025-43962
In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations...
CVE-2025-43962
In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations...
CVE-2025-43963
In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp allows out-of-buffer access because splitcol and splitrow values are not checked in 0x041f tag processing...
CVE-2025-43964
In LibRaw before 0.21.4, tag 0x412 processing in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1 values...
DEBIAN-CVE-2025-43964
In LibRaw before 0.21.4, tag 0x412 processing in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1 values...
CVE-2025-43962
In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations...
CVE-2025-43964
In LibRaw before 0.21.4, tag 0x412 processing in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1 values...