13672 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from failure to properly handle a suspended scrub operation when an error occurs during a transaction commit, whi...
PT-2025-38234
Name of the Vulnerable Software and Affected Versions: Thorium affected versions not specified Description: Thorium is susceptible to a crash issue stemming from accepting a stream split size of zero, which then leads to a division by zero error. This flaw allows a remote, authenticated attacker ...
PT-2025-38198
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.3.0-rc2-btrfs-next-127+ Description The Linux kernel contained a deadlock issue within the BTRFS file system related to transaction handling during block group relocation with scrub enabled. Specifically, a...
SUSE CVE-2023-53324
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Don't leak some plane state Apparently no one noticed that mdp5 plane states leak like a sieve ever since we introduced planestate-commit refcount a few years ago in 21a01abbe32a "drm/atomic: Fix freeing...
SUSE CVE-2025-39816
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: always use READONCE to read ring provided buffer lengths Since the buffers are mapped from userspace, it is prudent to use READONCE to read the value into a local variable, and use that for any other actions taken...
CVE-2023-53324
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Don't leak some plane state Apparently no one noticed that mdp5 plane states leak like a sieve ever since we introduced planestate-commit refcount a few years ago in 21a01abbe32a "drm/atomic: Fix freeing...
CVE-2023-53324
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Don't leak some plane state Apparently no one noticed that mdp5 plane states leak like a sieve ever since we introduced planestate-commit refcount a few years ago in 21a01abbe32a "drm/atomic: Fix freeing...
DEBIAN-CVE-2023-53324
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Don't leak some plane state Apparently no one noticed that mdp5 plane states leak like a sieve ever since we introduced planestate-commit refcount a few years ago in 21a01abbe32a "drm/atomic: Fix freeing...
UBUNTU-CVE-2023-53324
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Don't leak some plane state Apparently no one noticed that mdp5 plane states leak like a sieve ever since we introduced planestate-commit refcount a few years ago in 21a01abbe32a "drm/atomic: Fix freeing...
CVE-2023-53324
CVE-2023-53324 affects the Linux kernel DRM MSM MDP5: it fixes a leak of plane_state state (plane_state->commit refcount) that could degrade availability. The root cause was plane_state reference counting; the patch uses the correct helpers to prevent leakage. Affected component: drm/msm/mdp5....
CVE-2023-53324 drm/msm/mdp5: Don't leak some plane state
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Don't leak some plane state Apparently no one noticed that mdp5 plane states leak like a sieve ever since we introduced planestate-commit refcount a few years ago in 21a01abbe32a "drm/atomic: Fix freeing...
CVE-2023-53324 drm/msm/mdp5: Don't leak some plane state
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Don't leak some plane state Apparently no one noticed that mdp5 plane states leak like a sieve ever since we introduced planestate-commit refcount a few years ago in 21a01abbe32a "drm/atomic: Fix freeing...
CVE-2023-53324
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Don't leak some plane state Apparently no one noticed that mdp5 plane states leak like a sieve ever since we introduced planestate-commit refcount a few years ago in 21a01abbe32a "drm/atomic: Fix freeing...
CVE-2023-53324 drm/msm/mdp5: Don't leak some plane state
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Don't leak some plane state Apparently no one noticed that mdp5 plane states leak like a sieve ever since we introduced planestate-commit refcount a few years ago in 21a01abbe32a "drm/atomic: Fix freeing...
CVE-2023-53317
In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mbfindextent Syzbot found the following issue: EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioreadnolock, ODIRECT and fastcommit support! EXT4-fs loop0: orphan cleanup on readonl...
BIT-GITLAB-2025-1250 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 15.0 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed an authenticated user to stall background job processing by sending specially crafted commit messages, merge request descriptions, or not...
CVE-2025-10340
Summary (MODE C): CVE-2025-10340 affects WhatCD Gazelle, specifically the Change Log utility in the Commit Message Handler. The vulnerability is a cross-site scripting flaw triggered by manipulating the Message argument in /sections/tools/managers/change_log.php. Exploitation can be performed rem...
CVE-2025-10340 WhatCD Gazelle Commit Message change_log.php cross site scripting
A vulnerability was determined in WhatCD Gazelle up to 63b337026d49b5cf63ce4be20fdabdc880112fa3. The affected element is an unknown function of the file /sections/tools/managers/changelog.php of the component Commit Message Handler. Executing manipulation of the argument Message can lead to cross...
PT-2025-37365
Name of the Vulnerable Software and Affected Versions: WhatCD Gazelle versions prior to 63b337026d49b5cf63ce4be20fdabdc880112fa3 Description: A vulnerability exists in WhatCD Gazelle that allows for cross-site scripting. The issue is located in an unknown function within the...
CVE-2025-58434 Flowise Cloud and Local Deployments have Unauthenticated Password Reset Token Disclosure that Leads to Account Takeover
Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5 and earlier, the forgot-password endpoint in Flowise returns sensitive information including a valid password reset tempToken without authentication or verification. This enables any attacker...