13681 matches found
CVE-2024-11039
A pickle deserialization vulnerability exists in the Latex English error correction plug-in function of binary-husky/gptacademic versions up to and including 3.83. This vulnerability allows attackers to achieve remote command execution by deserializing untrusted data. The issue arises from the...
PYSEC-2025-94
A Regular Expression Denial of Service ReDoS vulnerability exists in gaizhenbiao/chuanhuchatgpt, as of commit 20b2e02. The server uses the regex pattern r'+' to parse user input. In Python's default regex engine, this pattern can take polynomial time to match certain crafted inputs. An attacker c...
CVE-2024-11039 Deserialization of Untrusted Data in binary-husky/gpt_academic
A pickle deserialization vulnerability exists in the Latex English error correction plug-in function of binary-husky/gptacademic versions up to and including 3.83. This vulnerability allows attackers to achieve remote command execution by deserializing untrusted data. The issue arises from the...
llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument.
...
Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2025-1239)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-21852 net: Add rx_skb of kfree_skb to raw_tp_null_args[].
In the Linux kernel, the following vulnerability has been resolved: net: Add rxskb of kfreeskb to rawtpnullargs. Yan Zhai reported a BPF prog could trigger a null-ptr-deref 0 in tracekfreeskb if the prog does not check if rxsk is NULL. Commit c53795d48ee8 "net: add rxsk to tracekfreeskb" added rx...
CVE-2025-21845 mtd: spi-nor: sst: Fix SST write failure
In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: sst: Fix SST write failure 'commit 18bcb4aa54ea "mtd: spi-nor: sst: Factor out common write operation to sstnorwritedata"' introduced a bug where only one byte of data is written, regardless of the number of bytes...
CVE-2025-2173
A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has...
CVE-2025-2174
A vulnerability was found in libzvbi up to 0.2.43. It has been declared as problematic. Affected by this vulnerability is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to integer overflow. The attack can be launched remotely. The exploit...
CVE-2025-2176
A vulnerability classified as critical has been found in libzvbi up to 0.2.43. This affects the function vbicapturesimloadcaption of the file src/io-sim.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...
CVE-2025-27518
CVE-2025-27518 affects Cognita (the RAG framework) backend server. The issue is an insecure CORS configuration that allows arbitrary websites to send cross-site requests to the Cognita application. Root cause: misconfigured CORS on the backend. Reported impact is that cross-origin requests could ...
Linux Distros Unpatched Vulnerability : CVE-2022-48920
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: get rid of warning on transaction commit when using flushoncommit When using the flushoncommit mount option, during almost every transaction commit we...
DEBIAN-CVE-2025-21807
In the Linux kernel, the following vulnerability has been resolved: block: fix queue freeze vs limits lock order in sysfs store methods queueattrstore always freezes a device queue before calling the attribute store operation. For attributes that control queue limits, the store operation will als...
SUSE CVE-2022-49174
In the Linux kernel, the following vulnerability has been resolved: ext4: fix ext4mbmarkbb with flexbg with fastcommit In case of flexbg feature which is by default enabled, extents for any given inode might span across blocks from two different block group. ext4mbmarkbb only reads the bufferhead...
SUSE CVE-2022-49348
In the Linux kernel, the following vulnerability has been resolved: ext4: filter out EXT4FCREPLAY from on-disk superblock field sstate The EXT4FCREPLAY bit in sbi-smountstate is used to indicate that we are in the middle of replay the fast commit journal. This was actually a mistake, since the...
SUSE CVE-2022-49358
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: memleak flow rule from commit path Abort path release flow rule object, however, commit path does not. Update code to destroy these objects before releasing the transaction...
SUSE CVE-2022-49648
In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Fix memory leak problem This reverts commit 46bbe5c671e06f070428b9be142cc4ee5cedebac. As commit 46bbe5c671e0 "tracing: fix double free" said, the "double free" problem reported by clang static analyzer is: In...
CVE-2025-21786 workqueue: Put the pwq after detaching the rescuer from the pool
In the Linux kernel, the following vulnerability has been resolved: workqueue: Put the pwq after detaching the rescuer from the pool The commit 68f83057b913"workqueue: Reap workers via kthreadstop and remove detachcompletion" adds code to reap the normal workers but mistakenly does not handle the...
CVE-2024-57986
In the Linux kernel, the following vulnerability has been resolved: HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections A report in 2019 by the syzbot fuzzer was found to be connected to two errors in the HID core associated with Resolution Multipliers. One of the...
CVE-2022-49635
In the Linux kernel, the following vulnerability has been resolved: drm/i915/selftests: fix subtraction overflow bug On some machines holeend can be small enough to cause subtraction overflow. On the other side addr + 2 minalignment can overflow in case of mock tests. This patch should handle bot...