37005 matches found
Cache Poisoning
react-router is vulnerable to Cache Poisoning. The vulnerability is due to improper request handling due to allowing header-based switching from SSR to SPA mode, which can trigger an error response that is then cached, affecting application availability...
com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson
A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes. This issue may lead to availability attacks...
OPENSUSE-SU-2025:15052-1 grafana-11.5.4-1.1 on GA media
These are all security issues fixed in the grafana-11.5.4-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2022-21546
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITESAME No Data Buffer crash In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like "sgwritesame --ndob" we...
CVE-2022-21546
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITESAME No Data Buffer crash In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like "sgwritesame --ndob" we...
CVE-2022-21546 scsi: target: Fix WRITE_SAME No Data Buffer crash
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITESAME No Data Buffer crash In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like "sgwritesame --ndob" we...
CVE-2022-21546 scsi: target: Fix WRITE_SAME No Data Buffer crash
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITESAME No Data Buffer crash In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like "sgwritesame --ndob" we...
CVE-2022-21546
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITESAME No Data Buffer crash In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like "sgwritesame --ndob" we...
DEBIAN-CVE-2023-53036
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are observed when shutting down device. v2: use DRM device unplugged flag instead of shutdown flag as the...
CVE-2025-32974
XWiki is a generic wiki platform. In versions starting from 15.9-rc-1 to before 15.10.8 and from 16.0.0-rc-1 to before 16.2.0, the required rights analysis doesn't consider TextAreas with default content type. When editing a page, XWiki warns since version 15.9 when there is content on the page...
CVE-2022-49921
In the Linux kernel, the following vulnerability has been resolved: net: sched: Fix use after free in redenqueue We can't use "skb" again after passing it to qdiscenqueue. This is basically identical to commit 2f09707d0c97 "schsfb: Also store skb len before calling child enqueue"...
Capability-Based Multi-Tenant Access Management in Crowdsourced Drone Services
We propose a capability-based access control method that leverages OAuth 2.0 and Verifiable Credentials VCs to share resources in crowdsourced drone services. VCs securely encode claims about entities, offering flexibility. However, standardized protocols for VCs are lacking, limiting their...
PT-2025-18734 · Ibm · Ibm Concert
Name of the Vulnerable Software and Affected Versions: IBM Concert Software versions 1.0.0 through 1.0.5 Description: The issue allows a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view...
OPENSUSE-SU-2025:15045-1 MozillaFirefox-138.0-1.1 on GA media
These are all security issues fixed in the MozillaFirefox-138.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15047-1 hauler-1.2.4-1.1 on GA media
These are all security issues fixed in the hauler-1.2.4-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15048-1 tomcat-9.0.104-1.1 on GA media
These are all security issues fixed in the tomcat-9.0.104-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15046-1 docker-28.1.1_ce-16.1 on GA media
These are all security issues fixed in the docker-28.1.1ce-16.1 package on the GA media of openSUSE Tumbleweed...
The vulnerability of the formWifiMacFilterSet function in the Tenda i12 wireless access point’s microprogramming software allows a intruder to influence the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formWifiMacFilterSet function in the Tenda i12 wireless access point’s microprogramming software lies in the reading of data outside the buffer in memory when processing the index parameter. Exploiting this vulnerability allows a remote attacker to compromise the...
CVE-2025-46558
The CVE-2025-46558 issue affects XWiki Contrib's Syntax Markdown (org.xwiki.contrib.markdown:syntax-markdown-commonmark12). A cross-site scripting (XSS) vulnerability exists in Markdown syntax versions 8.2 through before 8.9 via HTML, allowing any user to embed JavaScript that executes in other u...
CVE-2025-32974 org.xwiki.platform:xwiki-platform-security-requiredrights-default required rights analysis doesn't consider TextAreas with default content type
XWiki is a generic wiki platform. In versions starting from 15.9-rc-1 to before 15.10.8 and from 16.0.0-rc-1 to before 16.2.0, the required rights analysis doesn't consider TextAreas with default content type. When editing a page, XWiki warns since version 15.9 when there is content on the page...