52 matches found
Astra Linux – Vulnerability in xrdp
xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp v0.9.21 contains a “Out of Bound Read” issue in the xrdpmmtransprocessdrdynvcchannelclose function. There are no known solutions to this problem. Users are advis...
EUVD-2026-36679
A vulnerability was determined in ShopXO up to 6.7.1. This vulnerability affects the function OrderClose/OrderSuccess/PayLogOrderClose/GoodsGiveIntegral of the file app/api/controller/Crontab.php of the component Scheduled Task Endpoint. Executing a manipulation can lead to authorization bypass...
Hive has Double-free and Use After Free Vulnerabilities
Drop implementation for Hive did perform free, but so did Hive::close, which, at the end of the scope performed Drop, therefore triggering double-free. Additionally, function Hive::fromhandle was not marked as unsafe, making it, in combination with ashandle easy to clone and trigger double-free i...
EUVD-2025-206526
An out-of-bounds read in the mkvhostfdtclose function mkserver/mkvhost.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
Monkey Server security vulnerabilities
Monkey Server is an open-source HTTP server developed by Monkey I/O. There is a security vulnerability in Monkey Server, which stems from an out-of-bounds read in the mkvhostfdtclose function, potentially leading to a denial-of-service attack...
CVE-2025-63653
An out-of-bounds read in the mkvhostfdtclose function mkserver/mkvhost.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
CVE-2025-63653
Affects mk_server/mk_vhost.c, function mk_vhost_fdt_close, in monkey commit f37e984. This out-of-bounds read can be triggered by a crafted HTTP request to cause a Denial of Service. Public documents do not provide a confirmed fixed version or patch details; exploitation status is not described be...
JLSEC-2025-106 In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and poss...
In FFmpeg before 4.2, avcodecopen2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer...
Dell ControlVault3 cv_close arbitrary free vulnerability
Talos Vulnerability Report TALOS-2024-2129 Dell ControlVault3 cvclose arbitrary free vulnerability August 9, 2025 CVE Number CVE-2025-25215 SUMMARY An arbitrary free vulnerability exists in the cvclose functionality of Dell ControlVault3 5.14.3.0. A specially crafted ControlVault API call can lea...
Linux Distros Unpatched Vulnerability : CVE-2025-37933
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: octeonep: Fix host hang issue during device reboot When the host loses heartbeat messages fr...
The vulnerability of the force_close() function in the inet.cpp module of the “Red Database” database management system allows a hacker to cause a service failure on the server.
The vulnerability of the forceclose function in the inet.cpp module of the “Red Database” database management system is related to incorrect serialization checks. Exploiting this vulnerability could allow an attacker to cause service failures...
PT-2025-25880 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A issue in the Linux kernel has been identified where the iforce close function waits at wait event interruptible with dev-mutex held, blocking input disconnect device from input...
hdf5: multiple CVEs
HDF5 library contains a memory corruption issue in H5Aclose function resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...
The vulnerability of the vdec_close() function in the Qualcomm Venus V4L2 driver for Linux operating systems allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the vdecclose function in the drivers/media/platform/qcom/venus/vdec.c file of the Qualcomm Venus V4L2 driver for the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the...
The vulnerability of the btnxpuart component in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the btnxpuart component in the Linux operating system is related to improper input validation in the btnxpuartclose function. Exploiting this vulnerability can allow an attacker to cause a service failure...
RUSTSEC-2024-0360 `XmpFile::close` can trigger UB
Affected versions of the crate failed to catch C++ exceptions raised within the XmpFile::close function. If such an exception occured, it would trigger undefined behavior, typically a process abort. This is best demonstrated in issue 230, where a race condition causes the close call to fail due t...
PT-2024-40915 · Unknown · Xmp Toolkit
Name of the Vulnerable Software and Affected Versions: xmp toolkit versions prior to 1.9.0 Description: The issue arises when C++ exceptions are raised within the XmpFile::close function, leading to undefined behavior, typically a process abort. This can be triggered by a race condition causing...
Linux kernel 安全漏洞
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel, which originates in the filelock module, where the fcntlsetlk function, when competing with the close function, removes the created lock using the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention between close and udpabort...
PT-2024-20910 · Flvmeta · Flvmeta
Name of the Vulnerable Software and Affected Versions: flvmeta version 1.2.2 Description: The issue allows a local attacker to cause a denial of service via the function in flv close at flvmeta/src/flv.c:375:21. Recommendations: For flvmeta version 1.2.2, as a temporary workaround, consider...