F5 BIG-IP 操作系统命令注入漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IP has a vulnerability related to operating system command injection. This...

CVE-2025-61958

CVE-2025-61958 is an iHealth TMOS Shell (tmsh) privilege-bypass vulnerability in BIG-IP. An authenticated user with at least Resource Administrator privileges can bypass tmsh restrictions and gain Advanced Shell (bash) access, potentially crossing Appliance mode boundaries. F5 provides fixes in m...

EUVD-2019-2418

Malware in sbrugna...

EUVD-2018-17672

Malware in sbrugna...

EUVD-2019-11967

Malware in sbrugna...

EUVD-2017-9495

Malware in sbrugna...

CVE-2025-38286 pinctrl: at91: Fix possible out-of-boundary access

In the Linux kernel, the following vulnerability has been resolved: pinctrl: at91: Fix possible out-of-boundary access at91gpioprobe doesn't check that given OF alias is not available or something went wrong when trying to get it. This might have consequences when accessing gpiochips array with...

CVE-2025-38286

CVE-2025-38286 affects the Linux kernel with a fault in pinctrl/at91: at91_gpio_probe() not validating the OF alias, allowing out-of-bounds access to gpio_chips when indexing with an invalid value. The bug, which could be exposed if BUG() is compiled out, is mitigated by a kernel fix/workaround d...

CVE-2025-46406

A Privilege Context Switching Error CWE-270 in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary. This issue affects Command Centre Server: 9.30 prior to 9.30.1874 MR1, 9.20 prio...

CVE-2019-10614

Out of boundary access is possible as there is no validation of data accessed against the received size of the packet in case of malicious firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...

CVE-2019-2325

Out of boundary access due to token received from ADSP and is used without validation as an index into the array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150...

CVE-2019-2324

When ADSP is compromised, the audio port index thats returned from ADSP might be out of the valid range and leads to out of boundary access in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,...

CVE-2025-23239

When running in Appliance mode, and logged into a highly-privileged role, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached E...

CVE-2025-23239

When running in Appliance mode, and logged into a highly-privileged role, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached E...

[slackware-security] libarchive

New libarchive packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libarchive-3.7.5-i586-1slack15.0.txz: Upgraded. This update fixes the following security issues: fix multiple vulnerabilities...

CVE-2021-38874

IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations. IBM X-Force ID: 208397...

CVE-2021-3746

CVE-2021-3746 : libtpms suffers out-of-bounds access when handling TPM2 packets, triggered by crafted TPM2 commands and writes to volatile state, with the highest impact to availability. Affected are libtpms versions before 0.8.5, before 0.7.9, and before 0.6.6. Public advisories indicate a fix i...

Google TensorFlow缓冲区错误漏洞

A buffer overflow vulnerability exists in Google TensorFlow, an end-to-end open source platform for machine learning from Google, Inc. FractionalAvgPoolGrad" implementation may access data outside the boundaries of the heap allocation buffer. No details of the vulnerability are currently availabl...

SUSE: Security Advisory (SUSE-SU-2019:2600-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle PeopleSoft Enterprise HCM Human Resources CVE-2020-2561 Remote Security Vulnerability

Description Oracle PeopleSoft Enterprise HCM Human Resources is prone to a remote security vulnerability. These vulnerabilities can be exploited over the 'HTTP' protocol. The 'Company Dir / Org Chart Viewer' component is affected. These vulnerabilities affect the following supported versions: 9.2...