Snorkeling in Dark Waters: a Longitudinal Surface Exploration of Unique Tor Hidden Services (Extended Version)

The Onion Router Tor is a controversial network whose utility is constantly under scrutiny. On the one hand, it allows for anonymous interaction and cooperation of users seeking untraceable navigation on the Internet. This freedom also attracts criminals who aim to thwart law enforcement...

UBUNTU-CVE-2025-22060

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Prevent parser TCAM memory corruption Protect the parser TCAM/SRAM memory, and the cached shadow SRAM information, from concurrent modifications. Both the TCAM and SRAM tables are indirectly accessed by configuring an...

net/sched: cls_api: fix error handling causing NULL dereference

...

DEBIAN-CVE-2025-21857

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsapi: fix error handling causing NULL dereference tcfextsmisscookiebasealloc calls xaalloccyclic which can return 1 if the allocation succeeded after wrapping. This was treated as an error, with value 1 returned to...

AZL-58750 CVE-2024-26669 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a net device the stack instructs the underlying driver to remove its flow offload callback from the associated filter block using the 'FLOWBLOCKUNBIND'...

UBUNTU-CVE-2024-26669

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a net device the stack instructs the underlying driver to remove its flow offload callback from the associated filter block using the 'FLOWBLOCKUNBIND'...

CVE-2024-26669 net/sched: flower: Fix chain template offload

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a net device the stack instructs the underlying driver to remove its flow offload callback from the associated filter block using the 'FLOWBLOCKUNBIND'...

CVE-2024-26669

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a net device the stack instructs the underlying driver to remove its flow offload callback from the associated filter block using the 'FLOWBLOCKUNBIND'...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption in the SPS application when requesting a public key in the classifier TA...

CVE-2024-28563

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service DoS via the Imf22::DwaCompressor::Classifier::Classifier function when reading images in EXR format...

Argus - A Framework for Staged Static Taint Analysis of GitHub Workflows and Actions

This repo contains the code for our USENIX Security '23 paper "ARGUS: A Framework for Staged Static Taint Analysis of GitHub Workflows and Actions". Argus is a comprehensive security analysis tool specifically designed for GitHub Actions. Built with an aim to enhance the security of CI/CD...

CVE-2022-47072

SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows attackers to run arbitrary SQL commands via the Find parameter in the Select Classifier dialog box...

Sql injection

SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows attackers to run arbitrary SQL commands via the Find parameter in the Select Classifier dialog box...

CVE-2022-47072

SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows attackers to run arbitrary SQL commands via the Find parameter in the Select Classifier dialog box...

CVE-2022-47072

SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows attackers to run arbitrary SQL commands via the Find parameter in the Select Classifier dialog box...

PT-2024-11748 · Sparx Systems · Enterprise Architect

Name of the Vulnerable Software and Affected Versions: Enterprise Architect version 16.0.1605 Description: The issue allows attackers to run arbitrary SQL commands via the Find parameter in the Select Classifier dialog box. This can be exploited by attackers to execute unauthorized SQL queries...

CVE-2022-47072

CVE-2022-47072 affects Sparx Systems Enterprise Architect 16.0.1605 (32-bit). The vulnerability is a SQL injection in the Find parameter of the Select Classifier dialog box, enabling execution of arbitrary SQL commands. Root cause: unsafely handling user-controlled input in the dialog’s Find para...

CLSA-2024-1705494763 kernel: Fix of 13 CVEs

Bluetooth: L2CAP: Fix use-after-free in l2capsockreadycb CVE-2023-40283 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-6932 - smb: client: fix OOB in smbCalcSize CVE-2023-6606 - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-4623 - net/sched: clsfw:...

kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...

kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...