176 matches found
JeeWMS 注入漏洞
JeeWMS is JeeWMS open source a JAVA-based warehouse management system . JeeWMS 20241108 and earlier versions have an injection vulnerability that stems from the parameter begindate in the file cgReportController.do can lead to SQL injection...
kernel: block: refine the EOF check in blkdev_iomap_begin
In the Linux kernel, the following vulnerability has been resolved: block: refine the EOF check in blkdeviomapbegin blkdeviomapbegin rounds down the offset to the logical block size before stashing it in iomap-offset and checking that it still is inside the inode size. Check the isize check to th...
The vulnerabilities of the `write_seqcount_begin()` and `write_seqcount_end()` functions in the Linux operating system allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the v3djobstartstats function in the Linux operating system is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
SUSE CVE-2024-44945
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink: Initialise extack before use in ACKs Add missing extack initialisation when ACKing BATCHBEGIN and BATCHEND...
DEBIAN-CVE-2024-44945
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink: Initialise extack before use in ACKs Add missing extack initialisation when ACKing BATCHBEGIN and BATCHEND...
UBUNTU-CVE-2024-44945
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink: Initialise extack before use in ACKs Add missing extack initialisation when ACKing BATCHBEGIN and BATCHEND...
MAL-2024-7614 Malicious code in sap-begin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 70b7d7d3eaf8577047d02fdc20282baf63ce35db280b2779c49737c6458114d9 The OpenSSF Package Analysis project identified 'sap-begin' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in sap-begin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 70b7d7d3eaf8577047d02fdc20282baf63ce35db280b2779c49737c6458114d9 The OpenSSF Package Analysis project identified 'sap-begin' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...
DEBIAN-CVE-2024-38604
In the Linux kernel, the following vulnerability has been resolved: block: refine the EOF check in blkdeviomapbegin blkdeviomapbegin rounds down the offset to the logical block size before stashing it in iomap-offset and checking that it still is inside the inode size. Check the isize check to th...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a security issue in block blkdeviomapbegin...
kernel: perf/core: Fix perf_output_begin parameter is incorrectly invoked in perf_event_bpf_output
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix perfoutputbegin parameter is incorrectly invoked in perfeventbpfoutput syzkaller reportes a KASAN issue with stack-out-of-bounds. The call trace is as follows: dumpstack+0x9c/0xd3...
haproxy: data leak via fcgi requests
A flaw was found in HAProxy, which could allow a remote attacker to obtain sensitive information caused by improper initialization when encoding the FCGIBEGINREQUEST record. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and us...
PT-2025-49496
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the JFS filesystem within the Linux kernel. Specifically, a missing check for a read-only mounted filesystem in the txBegin function could lead to a NULL pointer...
DEBIAN-CVE-2023-0836
An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, 2.7 before 2.7.1. There are 5 bytes left uninitialized in the connection buffer when encoding the FCGIBEGINREQUEST record. Sensitive data may be disclos...
UBUNTU-CVE-2023-0836
An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, 2.7 before 2.7.1. There are 5 bytes left uninitialized in the connection buffer when encoding the FCGIBEGINREQUEST record. Sensitive data may be disclos...
SUSE CVE-2023-0836
An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, 2.7 before 2.7.1. There are 5 bytes left uninitialized in the connection buffer when encoding the FCGIBEGINREQUEST record. Sensitive data may be disclos...
SUSE CVE-2013-7345
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted ASCII file that triggers a large amount of...
SUSE CVE-2014-0172
Integer overflow in the checksection function in dwarfbeginelf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a malformed compressed debug section in an ELF...
SUSE CVE-2015-8050
Use-after-free vulnerability in the MovieClip object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before...
SUSE CVE-2017-0376
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service assertion failure and daemon exit in the connectionedgeprocessrelaycell function via a BEGINDIR cell on a rendezvous circuit...