CVE-2024-52282 Rancher Helm Applications may have sensitive values leaked
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE Rancher allows any user with GET access to the Rancher Manager Apps Catalog to read any sensitive information that is contained within the Apps’ values. Additionally, the same information leaks into auditing lo...
CLSA-2025-1744359874 Update of gnutls
fips: Zeroize temporary values in integrity check RHEL-21870...
Allocation of Resources Without Limits or Throttling
Overview Microsoft.AspNetCore.App.Runtime.win-x86 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling wh...
Allocation of Resources Without Limits or Throttling
Overview Microsoft.AspNetCore.App.Runtime.osx-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling wh...
Allocation of Resources Without Limits or Throttling
Overview Microsoft.AspNetCore.App.Runtime.win-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling wh...
Dell Common Event Enabler Security Vulnerability
Dell Common Event Enabler is a framework from Dell USA. An unauthorized access vulnerability exists in Dell Common Event Enabler, which arises from the use of insecure default values when initializing resources, and can be exploited by an attacker to cause unauthorized access...
PT-2025-15615
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A logical bug exists in handling lazy-loaded values during unparceling. This issue is being actively exploited. Recommendations: At the moment, there is no information about a newer version...
PT-2025-32996
Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.1.2-1 Description: ImageMagick is software used for editing and manipulating digital images. A memory corruption issue occurs when preparing to transform from Log to sRGB colorspaces, specifically when the...
CVE-2024-57835
Amon2::Auth::Site::LINE uses the String::Random module to generate nonce values. String::Random defaults to Perl's built-in predictable random number generator, the rand function, which is not cryptographically secure...
SUSE CVE-2025-21932
In the Linux kernel, the following vulnerability has been resolved: mm: abort vma_modify() on merge out of memory failure The remainder of vma_modify() relies upon the vmg state remaining pristine after a merge attempt. Usually this is the case, however in the one edge case scenario of a merge attempt...
CVE-2025-22001 accel/qaic: Fix integer overflow in qaic_validate_req()
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix integer overflow in qaic_validate_req() These are u64 variables that come from the user via qaic_attach_slice_bo_ioctl(). Use check_add_overflow() to ensure that the math doesn't have an integer wrapping bug...
Exploit for CVE-2025-31864
CVE-2025-31864 1️⃣ Component type WordPress plugin 2️...
CVE-2025-2779
The Insert Headers and Footers Code – HT Script plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_dismiss function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with...
CVE-2025-2779 Insert Headers and Footers Code – HT Script <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update
The Insert Headers and Footers Code – HT Script plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_dismiss function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with...
CVE-2025-2779
The CVE-2025-2779 entry describes a vulnerability in the WordPress plugin Insert Headers and Footers Code – HT Script where a missing capability check in ajax_dismiss (versions
AZL-60273 CVE-2025-21959 affecting package kernel for versions less than 6.6.85.1-2
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() Since commit b36e4523d4d5 "netfilter: nf_conncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...
CVE-2025-21959
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() Since commit b36e4523d4d5 "netfilter: nf_conncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...
CVE-2025-21952 HID: corsair-void: Update power supply values with a unified work handler
In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Update power supply values with a unified work handler corsair_void_process_receiver can be called from an interrupt context, locking battery_mutex in it was causing a kernel panic. Fix it by moving the critical...
CVE-2025-21952
CVE-2025-21952 relates to the Linux kernel and affects the corsair-void subsystem. The issue occurs when corsair_void_process_receiver is invoked from an interrupt context, where it previously locked battery_mutex, risking a kernel panic. The fix relocates the critical section into its own work i...