6938 matches found
EUVD-2026-0980
Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.14.0, an open redirect vulnerability exists in the Directus SAML authentication callback endpoint. During SAML authentication, the RelayState parameter is intended to preserve the user's original...
PT-2026-2139
Name of the Vulnerable Software and Affected Versions: Directus versions prior to 11.14.0. Description: Directus is a real-time API and App dashboard for managing SQL database content. An open redirect exists in the Directus SAML authentication callback endpoint. The RelayState parameter, intended t...
CVE-2022-27938
stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a reachable assertion in stbi__create_png_image_raw...
CVE-2022-27240
scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion...
CVE-2019-12822
In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a header parsing vulnerability causes a memory assertion, out-of-bounds memory reference, and potential DoS, as demonstrated by a colon on a line by itself...
aiohttp security vulnerability
aiohttp is an open-source asynchronous HTTP client/server framework for asyncio and Python, maintained by aio-libs. A security vulnerability exists in aiohttp 3.13.2 and earlier versions, which stems from an infinite loop that may result from bypassing an assertion statement, possibly leading to a...
PT-2026-26134
Name of the Vulnerable Software and Affected Versions: nghttp2 versions prior to 1.68.1. Description: nghttp2 is a C implementation of the Hypertext Transfer Protocol version 2. Versions of nghttp2 prior to 1.68.1 are susceptible to a denial-of-service condition. This occurs because the library does...
PT-2026-6115
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.19.0-rc2+. Description: The Linux kernel contains an issue within the ena network driver related to a missing lock when updating devlink parameters. Specifically, a warning was observed during the call to devl...
PT-2026-22016
Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 3.23.0. Description: A missing bounds check in the smartcard_unpack_read_size_align function within libfreerdp/utils/smartcard_pack.c can cause the FreeRDP client to crash when connecting to a malicious RDP server. This...
PT-2026-26015
Name of the Vulnerable Software and Affected Versions: Xen, affected versions not specified. Description: A guest issuing a Xenstore command accessing a node using the path '/local/domain/' can cause xenstored to crash due to a corrupted error indicator during node path verification. The crash is...
PT-2026-29037
Name of the Vulnerable Software and Affected Versions: Node.js, affected versions not specified. Description: A flaw in Node.js URL processing can lead to an assertion failure in native code when the url.format function is invoked with a malformed internationalized domain name (IDN) containing invalid...
PT-2026-29133
Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 3.24.2. Description: FreeRDP is a free implementation of the Remote Desktop Protocol. An unvalidated auth length field read from the network triggers a WINPR_ASSERT failure in the rts_read_auth_verifier_no_checks...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992944)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992944 advisory. In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted. Following process will...
CVE-2023-54253
In the Linux kernel, the following vulnerability has been resolved: btrfs: set page extent mapped after read_folio in relocate_one_page. One of the CI runs triggered the following panic: assertion failed: PagePrivate(page) && page->private, in fs/btrfs/subpage.c:229 ------------ cut here ------------...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a BUG_ON assertion in the add_new_free_space function, which could cause the kernel to crash...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992333)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992333 advisory. In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted. Following process will...
CVE-2025-15176
A flaw has been found in Open5GS up to 2.7.5. This affects the function decode_ipv6_header/ogs_pfcp_pdr_rule_find_by_packet of the file lib/pfcp/rule-match.c of the component PFCP Session Establishment Request Handler. Executing a manipulation can lead to reachable assertion. It is possible to launch the...
CVE-2025-15176 Open5GS PFCP Session Establishment Request rule-match.c ogs_pfcp_pdr_rule_find_by_packet assertion
A flaw has been found in Open5GS up to 2.7.5. This affects the function decode_ipv6_header/ogs_pfcp_pdr_rule_find_by_packet of the file lib/pfcp/rule-match.c of the component PFCP Session Establishment Request Handler. Executing a manipulation can lead to reachable assertion. It is possible to launch the...