GHSA-6GF2-FFQ8-GCWW GHSL-2024-288: SickChill open redirect in login
SickChill is an automatic video library manager for TV shows. A user-controlled login endpoint's next parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82, an authenticated attacker may use this to redirect the user to arbitrary destinations, leading to open...
CVE-2024-53995
SickChill is an automatic video library manager for TV shows. A user-controlled login endpoint's next parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82, an authenticated attacker may use this to redirect the user to arbitrary destinations, leading to open...
Malicious code in pre-commit-tasks (npm)
Source: ghsa-malware e3f86360c5d5f5979a278474cb95f178bed388a7ce152931eee872318ac5fcd3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-33 Malicious code in pre-commit-tasks (npm)
Source: ghsa-malware e3f86360c5d5f5979a278474cb95f178bed388a7ce152931eee872318ac5fcd3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-21609 SiYuan has an arbitrary file deletion vulnerability
SiYuan is self-hosted, open source personal knowledge management software. SiYuan Note version 3.1.18 has an arbitrary file deletion vulnerability. The vulnerability exists in the POST /api/history/getDocHistoryContent endpoint. An attacker can craft a payload to exploit this vulnerability,...
PT-2025-34363
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition exists in the packet_set_ring and packet_notifier functions within the net/packet module. This occurs when packet_set_ring releases po->bind_lock, allowing another thre...
PT-2025-34645 · Libbiosig +1
Name of the Vulnerable Software and Affected Versions: libbiosig versions 3.9.0 and Master Branch 35a819fa Description: A stack-based buffer overflow vulnerability exists in the MFER parsing functionality. A specially crafted MFER file can lead to arbitrary code execution. The vulnerability...
PT-2026-21540
Name of the Vulnerable Software and Affected Versions: strukturag libde265 versions prior to commit d9fea9d Description: A segmentation fault exists in strukturag libde265 due to an issue within the decoder_context::compute_framedrop_table component. This can lead to a program crash. Recommendation...
PT-2025-34638 · Libbiosig +1
Name of the Vulnerable Software and Affected Versions: libbiosig versions 3.9.0 and Master Branch 35a819fa Description: A stack-based buffer overflow vulnerability exists in the MFER parsing functionality. A specially crafted MFER file can lead to arbitrary code execution. The vulnerability...
PT-2025-34639 · Libbiosig +1
Name of the Vulnerable Software and Affected Versions: libbiosig versions 3.9.0 and Master Branch 35a819fa Description: A stack-based buffer overflow vulnerability exists in the MFER parsing functionality. A specially crafted MFER file can lead to arbitrary code execution. The vulnerability...
PT-2025-34619
Name of the Vulnerable Software and Affected Versions: libbiosig versions 3.9.0 and Master Branch 35a819fa Description: A stack-based buffer overflow exists in the MFER parsing functionality. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious...
PT-2025-34642 · Libbiosig +1
Name of the Vulnerable Software and Affected Versions: libbiosig versions 3.9.0 and Master Branch 35a819fa Description: A stack-based buffer overflow vulnerability exists in the MFER parsing functionality. A specially crafted MFER file can lead to arbitrary code execution. The vulnerability...
CVE-2024-56517 LGSL has a reflected XSS at /lgsl_files/lgsl_list.php
LGSL Live Game Server List provides online status lists for online video games. Versions up to and including 6.2.1 contain a reflected cross-site scripting vulnerability in the Referer HTTP header. The vulnerability allows attackers to inject arbitrary JavaScript code, which is reflected in the...
CVE-2024-56625
In the Linux kernel, the following vulnerability has been resolved: can: dev: can_set_termination(): allow sleeping GPIOs In commit 6e86a1543c37 ("can: dev: provide optional GPIO based termination support") GPIO based termination support was added. For no particular reason that patch uses gpiod_set_value...
SUSE CVE-2024-53171
In the Linux kernel, the following vulnerability has been resolved: ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit After an insertion in TNC, the tree might split and cause a node to change its znode->parent. A further deletion of other nodes in the tree which also could free the...
DEBIAN-CVE-2024-56667
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL pointer dereference in capture_engine When the intel_context structure contains NULL, it raises a NULL pointer dereference error in drm_info(). (cherry picked from commit 754302a5bc1bd8fd3b7d85c168b0a1af6d4bba4d)...
CVE-2024-53164
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen before a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become...
CVE-2024-53182 Revert "block, bfq: merge bfq_release_process_ref() into bfq_put_cooperator()"
In the Linux kernel, the following vulnerability has been resolved: Revert "block, bfq: merge bfq_release_process_ref() into bfq_put_cooperator()" This reverts commit bc3b1e9e7c50e1de0f573eea3871db61dd4787de. The bic is associated with sync_bfqq, and bfq_release_process_ref cannot be put into bfq_put_cooperator...
CVE-2024-53171 ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit
In the Linux kernel, the following vulnerability has been resolved: ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit After an insertion in TNC, the tree might split and cause a node to change its znode->parent. A further deletion of other nodes in the tree which also could free the...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly update the cparent pointer in the ubifs_tnc_end_commit function in the ubifs:authenticati...