Your phone called. It needs a cleanup.

Does it sometimes take your phone a few minutes to accomplish one simple task? That can be wildly frustrating. But you’re in luck, because we’ve got a free tool that scans your phone for leftover files, temporary data, outdated caches and helps you clean up all that junk. Introducing our Junk...

flatpak: Flatpak: Arbitrary file deletion on host via improper cache file path validation

A flaw was found in Flatpak, a Linux application sandboxing and distribution framework. The caching mechanism for ld.so dynamic linker/loader improperly removes outdated cache files without adequately verifying that the application-controlled path to the outdated cache is within the designated...

flatpak: Flatpak: Arbitrary file deletion on host via improper cache file path validation

A flaw was found in Flatpak, a Linux application sandboxing and distribution framework. The caching mechanism for ld.so dynamic linker/loader improperly removes outdated cache files without adequately verifying that the application-controlled path to the outdated cache is within the designated...

WWBN AVideo 跨站请求伪造漏洞

WWBN AVideo is a video platform building system written in PHP, developed by the WWBN team. Versions of WWBN AVideo prior to 29.0 contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the lack of CSRF protection and MIME validation in the objects/userSavePhoto.php...

CVE-2026-34079

Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the caching for ld.so removes outdated cache files without properly checking that the app controlled path to the outdated cache is in the cache directory. This allows Flatpak apps to delete arbitrary files on t...

Allocation of Resources Without Limits or Throttling

Overview next is a react framework. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of an upper bound on the disk cache used by the image optimization. An attacker can exhaust disk storage by generating a large number of...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : Evolution Data Server vulnerability (USN-8055-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8055-1 advisory. It was discovered that Evolution Data Server incorrectly handled removing local cache files. An attacker could possibly use this issue to caus...

CVE-2025-40137

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fstruncate syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs loop0: Wrong SSA boundary, start3584 end4096 blocks3072 F2FS-fs loop0: Can't fi...

CVE-2025-40137 f2fs: fix to truncate first page in error path of f2fs_truncate()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fstruncate syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs loop0: Wrong SSA boundary, start3584 end4096 blocks3072 F2FS-fs loop0: Can't fi...

Frappe Learning 安全漏洞

Frappe Learning is an easy-to-use open source learning management system from Frappe Open Source. A security vulnerability exists in Frappe Learning version 2.0.0 up to and including version 2.41.0, which stems from improper cache cleanup and may result in a delayed role revocation taking effect...

Reolink desktop application 安全漏洞

Reolink desktop application is a security camera monitoring software from Reolink USA. A security vulnerability exists in Reolink desktop application version 8.18.12, which stems from a mishandling of specially crafted folder names by the scheduled cache cleanup mechanism, which could lead to a...

CVE-2023-30853

Gradle Build Action allows users to execute a Gradle Build in their GitHub Actions workflow. A vulnerability impacts GitHub workflows using the Gradle Build Action prior to version 2.4.2 that have executed the Gradle Build Tool with the configuration cache enabled, potentially exposing secrets...

XWiki Platform 安全漏洞

XWiki Platform is the XWiki open source suite of Wiki platforms for creating web collaboration applications. A security vulnerability exists in XWiki Platform versions prior to 15.10.12, prior to 16.4.3, and prior to 16.8.0-rc-1, which stems from an improper check of the LESS compiler permissions...

CLSA-2025-1739386415 bind: Fix of 3 CVEs

CVE-2023-5517: fix a flaw causing named to crash with an assertion failure when nxdomain-redirect is set, and a PTR query for an RFC 1918 address returns NXDOMAIN - CVE-2023-5679: fix a crash in named due to an assertion failure during recursive resolution when both DNS64 and serve-stale are...

SUSE CVE-2023-6516

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...

ALPINE-CVE-2023-6516

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...

AZL-34561 CVE-2023-6516 affecting package bind for versions less than 9.19.21-1

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...

ALPINE-CVE-2023-5680

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

UBUNTU-CVE-2023-6516

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...

PT-2024-14985 · Isc +9 · Bind 9 +9

Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.16.0 through 9.16.45 BIND 9 versions 9.16.8-S1 through 9.16.45-S1 Description: The issue affects the named process running as a recursive resolver, which attempts to clean up its cache database using several methods, includi...