Lucene search

7638 matches found

CNNVD
added 2025/11/04 12:0 a.m., 3 views

Apple macOS Security Vulnerability

ch is a ClickHouse open source low-level Go client for ClickHouse. A security vulnerability exists in Apple macOS Sonoma prior to 14.8.2 and Sequoia prior to 15.7.2, which stems from insufficient privilege checking and could result in access to sensitive user data...

CVSS 5.5, AI score 6.2, EPSS 0.00165
Exploits: 0, References: 5

Vulnrichment
added 2025/11/04 12:0 a.m., 2 views

CVE-2025-54329

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to send a multiple-payloads message including an SMS...

AI score 6.6, EPSS 0.00345
Exploits: 0, References: 2

CVE
added 2025/11/04 12:0 a.m., 11 views

CVE-2025-54329

The CVE-2025-54329 issue affects Samsung Exynos devices (Samsung Mobile Processor, Wearable Processor, and Modems such as 5123/5300/5400 and related W-series) where a NAS function that handles multiple-payload messages (including SMS) does not properly validate input size. This bounds-checking fl...

CVSS 7.5, AI score 6.6, EPSS 0.00345
Exploits: 0, References: 2, Affected Software: 1

CNNVD
added 2025/11/04 12:0 a.m., 3 views

MediaTek Chipsets Security Vulnerability

MediaTek Chipsets is a series of chips from China's MediaTek Corporation. A security vulnerability exists in MediaTek Chipsets that stems from incorrect boundary checking, which could result in out-of-bounds writes and could lead to local elevation of privilege if a malicious attacker ha...

CVSS 6.7, AI score 6.7, EPSS 0.0013
Exploits: 0, References: 1

CNNVD
added 2025/11/04 12:0 a.m., 4 views

MediaTek Chipsets Security Vulnerability

MediaTek Chipsets is a series of chips from China's MediaTek Corporation. A security vulnerability exists in MediaTek Chipsets that stems from incorrect boundary checking, which could lead to remote elevation of privilege...

CVSS 8, AI score 6.7, EPSS 0.00241
Exploits: 0, References: 1

RedHat Linux
added 2025/11/03 9:11 a.m., 8 views

xorg: xwayland: Value overflow in XkbSetCompatMap()

A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

CVSS 7.3, AI score 5.9, EPSS 0.00255
Exploits: 0, References: 5

Apple
added 2025/11/03 12:0 a.m., 1144 views

About the security content of Xcode 26.1

About the security content of Xcode 26.1. This document describes the security content of Xcode 26.1. About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

CVSS 8.8, AI score 7.1, EPSS 0.00312
Exploits: 0, References: 1, Affected Software: 1

Positive Technologies
added 2025/11/03 12:0 a.m., 4 views

PT-2025-44831

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.7.2; iPadOS versions prior to 18.7.2. Description: An issue involving out-of-bounds access exists due to insufficient bounds checking. Processing a specially crafted media file could result in application crashes or memor...

CVSS 4.3, AI score 6.5, EPSS 0.00882
Exploits: 0, References: 9

OSV
added 2025/11/02 9:8 a.m., 7 views

RLSA-2025:19106 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: NFS: Fix a race when updating an existing write (CVE-2025-39697); kernel: vsock/virtio: Validate length in packet header before skb_put() (CVE-2025-39718); kernel: NFS: Fix filehandle bounds...

CVSS 7.6, AI score 6.9, EPSS 0.00181
Exploits: 0, References: 7

AstraLinux
added 2025/11/01 10:54 a.m., 4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result(). If the ssid->datalen is greater than IEEE80211_MAX_SSID_LEN (32), it could lead to memory corruption. Therefore, bounds checking has been added...

CVSS 7.8, AI score 6.6, EPSS 0.00144
Exploits: 0, References: 3

RedhatCVE
added 2025/10/31 10:7 p.m., 6 views

CVE-2022-50588

Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting (XSS) in the update checking feature. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

CVSS 5.4, AI score 6.3, EPSS 0.00361
Exploits: 0, References: 1

CNNVD
added 2025/10/31 12:0 a.m., 5 views

Xen Security Vulnerability

Xen is an open source virtual machine monitor product from Xen Open Source. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. A security vulnerability exists in Xen that stems from a...

CVSS 7.5, AI score 6.1, EPSS 0.00317
Exploits: 0, References: 2

OSV
added 2025/10/30 10:15 p.m., 2 views

CVE-2022-50588

Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting (XSS) in the update checking feature. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

CVSS 5.4, AI score 5.9, EPSS 0.00361
Exploits: 0, References: 2

NVD
added 2025/10/30 10:15 p.m., 5 views

CVE-2022-50588

Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting (XSS) in the update checking feature. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

CVSS 5.4, EPSS 0.00361
Exploits: 0, References: 2

Vulnrichment
added 2025/10/30 9:45 p.m., 3 views

CVE-2022-50588 Nagios XI < 5.8.9 Stored XSS in Update Checking

Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting (XSS) in the update checking feature. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

CVSS 5.1, AI score 5.9, EPSS 0.00361
Exploits: 0, References: 2

Cvelist
added 2025/10/30 9:45 p.m., 6 views

CVE-2022-50588 Nagios XI < 5.8.9 Stored XSS in Update Checking

Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting (XSS) in the update checking feature. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

CVSS 5.1, EPSS 0.00361
Exploits: 0, References: 2

CVE
added 2025/10/30 9:45 p.m., 11 views

CVE-2022-50588

Nagios XI prior to version 5.8.9 is affected by a stored XSS flaw in the update-checking feature. The vulnerability stems from insufficient validation/escaping of user-supplied input, allowing an attacker to inject and execute arbitrary script in a victim’s browser. Public sources in the provided...

CVSS 5.4, AI score 5.9, EPSS 0.00361
Exploits: 0, References: 2, Affected Software: 1

OSV
added 2025/10/30 6:0 p.m., 4 views

CLSA-2025-1761847256 Fix CVE(s): CVE-2022-47673, CVE-2023-25584

SECURITY UPDATE: multiple vulnerabilities in vms-alpha.c parse_module - debian/patches/CVE-2022-47673CVE-2023-25584-.patch: fix null pointer dereference in parse_module by adding return value checking for bfd_zalloc calls, fix potential out of bounds memory access in DST record parsing loop -...

CVSS 7.8, AI score 6.4, EPSS 0.00434
Exploits: 1, References: 1

RedhatCVE
added 2025/10/30 9:0 a.m., 2 views

CVE-2025-10920

A remote code execution (RCE) vulnerability exists in GIMP due to improper bounds checking during the parsing of ICNS image files. When a user opens a specially crafted ICNS file, it can trigger an out-of-bounds write, allowing attackers to execute arbitrary code within the context of the GIMP...

CVSS 7.8, AI score 7.9, EPSS 0.00328
Exploits: 0, References: 5

EUVD
added 2025/10/30 5:8 a.m., 5 views

EUVD-2025-36898

A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

CVSS 7.3, AI score 6.3, EPSS 0.00255
Exploits: 0, References: 3