S2OPC OPC UA Toolkit 信任管理问题漏洞

S2OPC OPC UA Toolkit is an open-source development toolkit for OPC UA communication, developed by Systerel. The S2OPC OPC UA Toolkit has a trust management vulnerability, which stems from improper comparison with a list of trusted certificates. This vulnerability may cause well-formatted, untrust...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: Ensure that the tx-skbs always have the MPTCP extensions. Due to signed/unsigned comparison, the expression: info-sizegoal - skb-len 0 evaluates to true when the size goal is smaller than the skb size. This results in a la...

SUSE CVE-2026-33997

Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...

UBUNTU-CVE-2026-33997

Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...

CVE-2025-63656

An out-of-bounds read in the headercmp function mkserver/mkhttpparser.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

EUVD-2018-6011

Malware in sbrugna...

The vulnerability of the rsyncd utility for transferring and synchronizing Rsync files allows a attacker to bypass ASLR protection and gain unauthorized access to protected information.

The vulnerability of the rsyncd utility for transferring and synchronizing Rsync files is related to the execution of operations outside the buffer boundaries in memory, as a result of incorrect comparison of file checksums. Exploiting this vulnerability can allow an attacker to bypass ASLR...

UBUNTU-CVE-2023-4720

Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV...

CVE-2023-4720 Floating Point Comparison with Incorrect Operator in gpac/gpac

Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV...

LlamaRelativeQuorum isActionApproved / isActionDisapproved check condition error

Lines of code Vulnerability details Impact LlamaRelativeQuorum isActionApproved / isActionDisapproved check condition error: quantity holders. The two cannot be compared. In general quantity holder, so the approver was lower than expected. Proof of Concept diff --git...

SUSE CVE-2019-7309

In the GNU C Library aka glibc or libc6 through 2.29, the memcmp function for the x32 architecture can incorrectly return zero indicating that the inputs are equal because the RDX most significant bit is mishandled...

DNSSECImpl.verifySignature compares strings incorrectly, allowing malicious zones to forge DNSSEC trust chain

Lines of code Vulnerability details Impact DNSSEC allows parent zones to sign for its child zones. To check validity of a signature, RFC4034 3.1.7 requires the Signer's Name in any RRSIG RDATA to contain the zone of covered RRset. This requirement is reasonable since any child zone should be...

Insecure Password Matching

bouncycastle is vulnerable to incorrect password matching. An attacker is able to pass an incorrect password and gets it accepted as a correct one due to a comparison error in the function OpenBSDBCrypt.checkPassword...

Security update for axel (moderate)

openSUSE Security Update: Security update for axel Announcement ID: openSUSE-SU-2020:0778-1 Rating: moderate References: 1172159 Cross-References: CVE-2020-13614 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for axel fixes...

UBUNTU-CVE-2019-9893

libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators LT, GT, LE, GE, which might able to lead to bypassing seccomp filters and potential privilege escalations...

Comparison errorr in org.apache.tika:tika-core

In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an infinite loop in the IptcAnpaParser...

GHSA-J53J-GMR9-H8G3 Comparison errorr in org.apache.tika:tika-core

In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an infinite loop in the IptcAnpaParser...

CVE-2014-7283

The xfsda3fixhashpath function in fs/xfs/xfsdabtree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service filesystem corruption, and OOPS or panic via operations on directories that have has...

FFmpeg Multiple Vulnerabilities - Linux

FFmpeg is prone to multiple vulnerabilities SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...