1238 matches found
CVE-2022-49537 scsi: lpfc: Fix call trace observed during I/O with CMF enabled
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix call trace observed during I/O with CMF enabled The following was seen with CMF enabled: BUG: using smpprocessorid in preemptible code: systemd-udevd/31711 kernel: caller is lpfcupdatecmfcmd+0x214/0x420 lpfc kerne...
CVE-2022-49280
CVE-2022-49280 concerns the Linux kernel NFSD: nfssvc_decode_writeargs() underflow, mitigated by changing a length/args field to unsigned to prevent underflow. Public advisories (EulerOS, Unity Linux, Astra Linux, etc.) document this CVE within kernel updates, indicating the vulnerability affects...
SourceCodester E-Learning System 代码问题漏洞
SourceCodester E-Learning System is a SourceCodester open source e-learning system. A code issue vulnerability exists in SourceCodester E-Learning System version 1.0, which stems from allowing unlimited file uploads...
CVE-2024-52902
IBM Cognos Controller 11.0.0–11.0.1 FP3 and IBM Controller 11.1.0 contain hard-coded database passwords in the client application, enabling unauthorized access if exploited. Remediation: upgrade Cognos Controller to 11.0.1 FP4 and Controller to 11.1.0.1 (cloud deploys have corresponding updates)....
IBM Cognos Controller 代码问题漏洞
IBM Cognos Controller is a suite of business intelligence and planning solutions from International Business Machines IBM. The product features process automation, financial audit control, and the creation and management of financial reports. A code issue vulnerability exists in IBM Cognos...
Sliver 代码问题漏洞
Sliver is an open source cross-platform adversary simulation/red teaming framework from Bishop Fox Open Source. It can be used by organizations of all sizes to perform security testing. Sliver suffers from a code issue vulnerability that stems from unverified reverse port forwarding, leading to...
Palo Alto Networks Cortex XDR 代码问题漏洞
Palo Alto Networks Cortex XDR is an extended detection and response platform that natively integrates network, endpoint, cloud, and third-party data from Palo Alto Networks, USA. A code issue vulnerability exists in Palo Alto Networks Cortex XDR, which stems from a faulty detection mechanism that...
Linux kernel code issue vulnerability (CNVD-2025-03431)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a code issue vulnerability that stems from the vsockhasdata|hasspace function being called when a socket is not allocated a transport layer, which can...
Linux kernel bnxt driver code issue vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a code issue vulnerability that stems from the bnxt driver not properly recalculating network device characteristics after XDP is disabled, which...
IBM i 代码问题漏洞
IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A code issue vulnerability exists in IBM i that stems from bypassing database feature limitation checks. A privileged bad actor could delete or otherwise affect databas...
Schneider Electric ASCO 5310和ASCO 5350 代码问题漏洞
The Schneider Electric ASCO 5310 and Schneider Electric ASCO 5350 are both single-channel remote alarms from Schneider Electric France. A code issue vulnerability exists in the Schneider Electric ASCO 5310 and ASCO 5350 that stems from the inclusion of a dangerous type of file unrestricted upload...
Intel Server M50FCP 代码问题漏洞
Intel Server M50FCP is a server from Intel Corporation USA. A code issue vulnerability exists in Intel Server M50FCP that stems from the presence of uncontrolled search path elements that could allow a privileged user to elevate privileges via local access...
Intel Ethernet Adapter Complete Driver Pack 代码问题漏洞
Intel Ethernet Adapter Complete Driver Pack is a complete driver for Ethernet adapters from Intel Corporation. A code issue vulnerability exists in Intel Ethernet Adapter Complete Driver Pack versions prior to 29.1, which arises from an uncontrolled search path that could allow an authenticated...
Microsoft Visual Studio 代码问题漏洞
Microsoft Visual Studio is a family of development tool suites and a largely complete set of development tools from Microsoft Corporation USA that includes most of the tools needed throughout the software lifecycle. A code issue vulnerability exists in Microsoft Visual Studio. An attacker could...
Microsoft Visual Studio Code 代码问题漏洞
Microsoft Visual Studio Code is an open source code editor from Microsoft USA. A code issue vulnerability exists in Microsoft Visual Studio Code. An attacker can exploit the vulnerability to elevate privileges...
Cisco Identity Services Engine Code Issue Vulnerability (CNVD-2025-03531)
Cisco Identity Services Engine is an environment-aware platform from the U.S. company Cisco Cisco. The Cisco Identity Services Engine API has a code issue vulnerability that can be exploited by a remote attacker to submit a special request that can execute arbitrary commands with elevated...
Mattermost Code Issue Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a code issue vulnerability that stems from a failure to properly validate a proto style provided to an action style, which can be exploited by an attacker to crash the front-end...
WordPress plugin WP All Import Pro 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
Cisco ISE 代码问题漏洞
Cisco Identity Services Engine is an environment-aware platform from the U.S. company Cisco Cisco. The Cisco Identity Services Engine API has a code issue vulnerability that can be exploited by a remote attacker to submit a special request that can execute arbitrary commands with elevated...
IBM Cognos Analytics 代码问题漏洞
IBM Cognos Analytics is a suite of business intelligence software from International Business Machines IBM. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decision-making by analyzing such things as key factors and key people. A code issue...