8436 matches found
OPENSUSE-SU-2026:20406-1 Security update for python-tornado6
This update for python-tornado6 fixes the following issues: - CVE-2026-31958: parsing large multipart bodies with many parts can cause a denial of service bsc1259553. - incomplete validation of cookie attributes allows for injection of user-controlled values in other cookie attributes bsc1259630...
CVE-2026-32888
Open Source Point of Sale is a web based point-of-sale application written in PHP using CodeIgniter framework. Versions contain an SQL Injection in the Items search functionality. When the custom attribute search feature is enabled searchcustom filter, user-supplied input from the search GET...
CVE-2026-32888
Open Source Point of Sale is a web based point-of-sale application written in PHP using CodeIgniter framework. Versions contain an SQL Injection in the Items search functionality. When the custom attribute search feature is enabled searchcustom filter, user-supplied input from the search GET...
CVE-2026-29106
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Prior to versions 7.15.1 and 8.9.3, the value of the returnid request parameter is copied into the value of an HTML tag attribute which is an event handler and is encapsulated in double quotati...
EUVD-2026-13369
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Prior to versions 7.15.1 and 8.9.3, the value of the returnid request parameter is copied into the value of an HTML tag attribute which is an event handler and is encapsulated in double quotati...
fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST
...
PT-2026-26477
Name of the Vulnerable Software and Affected Versions DiceBear versions prior to 5.4.4 DiceBear versions 6.1.4 and earlier DiceBear versions 7.1.4 and earlier DiceBear versions 8.0.3 and earlier DiceBear versions 9.4.1 and earlier Description The software does not properly escape SVG attribute...
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview deepdiff is a Deep Difference and Search of any Python object/data. Recreate objects by adding adding deltas to each other. Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes via the RestrictedUnpickler...
CVE-2025-71265
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attrloadrunsrange on inconsistent metadata We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite lo...
CVE-2025-71267
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTRLIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite loop when an...
CVE-2025-71265
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attrloadrunsrange on inconsistent metadata We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite lo...
UBUNTU-CVE-2025-71267
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTRLIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite loop when an...
CVE-2025-71267 fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTRLIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite loop when an...
CVE-2025-71267
CVE-2025-71267 : In the Linux kernel ntfs3 file system, a flaw in ATTR_LIST handling can cause an infinite loop and DoS during mount. Specifically, when ntfs_load_attr_list() processes a resident ATTR_LIST with data_size set to zero, memory is still allocated due to al_aligned(0), leaving ni->...
CVE-2025-71265
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attrloadrunsrange on inconsistent metadata We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite lo...
CVE-2025-71265
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attrloadrunsrange on inconsistent metadata We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite lo...
Security update for 389-ds
This update for 389-ds fixes the following issues: CVE-2025-14905: Fixed heap buffer overflow due to improper size calculation in schemaattrenumcallback callback bsc1258727. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
SUSE-SU-2026:0914-1 Security update for 389-ds
This update for 389-ds fixes the following issues: - CVE-2025-14905: Fixed heap buffer overflow due to improper size calculation in schemaattrenumcallback callback bsc1258727...
Security update for 389-ds
This update for 389-ds fixes the following issues: CVE-2025-14905: Fixed heap buffer overflow due to improper size calculation in schemaattrenumcallback callback bsc1258727. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ATTRLIST attribute of zero size, potentially triggering an infinite loop and leading to a...