The vulnerability of the Linux operating system’s kernel PCI component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s kernel-level PCI component is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the block component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the block component in the Linux operating system’s kernel is related to the lack of memory release after the effective service life in the biointegrityprep function. Exploiting this vulnerability can allow a hacker to cause a service failure...

GNU Binutils xmalloc.c file memory leak vulnerability

GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...

Adobe Commerce Security Bypass Vulnerability (CNVD-2025-03631)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...

Adobe InDesign Out-of-Bounds Write Vulnerability (CNVD-2025-03633)

Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. Adobe InDesign suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the current user's environment...

CVE-2025-26350

A CWE-434 "Unrestricted Upload of File with Dangerous Type" in the template file uploads in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to upload malicious files via crafted HTTP requests...

CVE-2020-3432

A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit th...

The vulnerability of the kernel component of the Linux operating system, which allows a hacker to cause a service failure

The vulnerability of the kernel component of the Linux operating system is related to a memory leak. Exploiting this vulnerability can allow an attacker to cause a system failure...

The vulnerability of the nilfs2 component in the Linux operating system’s kernel, which allows a hacker to cause a service failure

The vulnerability of the nilfs2 component in the Linux operating system’s kernel is related to improper error handling. Exploiting this vulnerability can allow an attacker to cause a service failure...

GHSA-6FF8-JRFG-43HH Magento Business Logic Error vulnerability

Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Business Logic Error vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to circumvent intended security mechanisms by manipulating th...

Microsoft Excel Remote Code Execution Vulnerability

...

Delta Electronics CNCSoft-G2 Buffer Overflow Vulnerability (CNVD-2025-06657)

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute code in the context of the current process...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability. An attacker exploiting the vulnerability can escalate privileges...

Open5GS Denial of Service Vulnerability (CNVD-2025-03134)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "ENB Status Transmission" message...

CVE-2024-49794

Summary: CVE-2024-49794 affects IBM ApplinX 11.1 and is a cross-site request forgery vulnerability. Impact: could allow an attacker to perform malicious, unauthorized actions transmitted from a trusted user’s context. Root cause: injected CSRF in web actions; specific technical details are not pr...

CVE-2022-39206

Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. When using Docker-based job executors, the Docker socket e.g. /var/run/docker.sock on Linux is mounted into each Docker step. Users that can define and trigger CI/CD jobs on a project could use this to control the Docker daem...

CVE-2025-20169

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this...

CVE-2024-21802

A heap-based buffer overflow vulnerability exists in the GGUF library info-ne functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-3067

The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possib...

CVE-2024-47043

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to correlate a device serial number and the user's phone number and part of the email address...