ASR Lapwing_Linux 代码问题漏洞

ASR LapwingLinux is a device firmware developed by ASR Corporation. ASR LapwingLinux has a code vulnerability that stems from a null pointer dereferencing in the imsclient module, which may lead to pointer-related issues...

Security update for python311

This update for python311 fixes the following issues: Update to python 3.11.15: CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. CVE-2025-12084: quadratic complexity in xml.minidom node ID cache cleari...

cpython: Excessive read buffering DoS in http.client

A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into...

CVE-2022-38983

The BT Hfp Client module has a Use-After-Free UAF vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution...

snap7-rs 安全漏洞

snap7-rs is a library for C++ by the individual developer gmg137. A security vulnerability exists in snap7-rs, which stems from an incorrect operation of the function snap7rs::client::S7Client::download in the file client.rs, which could result in a heap buffer overflow...

Resty has a Path Traversal vulnerability

A security vulnerability has been detected in Dreampie Resty versions up to the 1.3.1.SNAPSHOT. This affects the function Request of the file /resty-httpclient/src/main/java/cn/dreampie/client/HttpClient.java of the component HttpClient Module. Such manipulation of the argument filename leads to...

EUVD-2025-34883

In NextX Duo before 6.4.4, in the HTTP client module, the network support code for Eclipse Foundation ThreadX, the parsing of HTTP header fields was missing bounds verification. A crafted server response could cause undefined behavior...

EUVD-2023-31019

Malicious code in bioql PyPI...

CVE-2022-50376 orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init()

In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefskernel,clientdebuginit When insert and remove the orangefs module, there are memory leaked as below: unreferenced object 0xffff88816b0cc000 size 2048: comm "insmod", pid 783, jiffies 4294813439 a...

Exploit for CVE-2025-55580

CVE-2025-55580 - SolidInvoice Stored Cross-Site Scripting XSS...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the mishandling of native SMB symbolic links by the smb client module, which could lead to the failure of...

CVE-2023-27241

SourceCodester Water Billing System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the lastname text box under the Add Client module...

MAL-2025-1693 Malicious code in @monkey-tilt/client (npm)

--- -= Per source details. Do not edit below this line.=-...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from the post-release reuse of signing keys in the smb client module...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from the post-release reuse of signing keys in the smb client module...

The vulnerability of the decrypt_raw_data() function in the SMB subsystem of the Linux operating system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the decryptrawdata function in the fs/smb/client/smb2ops.c module of the SMB subsystem of the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity,...

The vulnerability of the ceph_monc_stop() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the cephmoncstop function in the net/ceph/monclient.c module of the Linux kernel is related to the reutilization of previously freed memory due to competitive access to resources race condition. Exploiting this vulnerability could allow a attacker to cause service failures...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a post-release reuse vulnerability in the smb:client module...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a deadlock problem in the smb:client module...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates from a post-release reuse vulnerability in the smb:client module...