TinyZero 安全漏洞

TinyZero is an inference model training tool developed by Jiayi Pan, based on reinforcement learning, and aimed at replicating the DeepSeek R1 Zero. TinyZero has a security vulnerability. This vulnerability stems from the copy function in the HDFS file manipulation tool, which insecurely construc...

PT-2026-37565

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the rtl8723bs staging driver. The function cfg80211 inform bss frame may return NULL upon failure, which prevents the allocated buffer buf from being freed before...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fixed a UAF in ieee80211scanrx The ieee80211scanrx function attempts to access scanreq-flags after a null check. However, a UAF Use-after-Allocation was observed when the scan is completed and ieee80211scancomplet...

SUSE CVE-2026-23336

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel rfkillblock work in wiphyunregister There is a use-after-free error in cfg80211shutdownallinterfaces found by syzkaller: BUG: KASAN: use-after-free in cfg80211shutdownallinterfaces+0x213/0x220 Read of size ...

CVE-2022-50361

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: add missing unregisternetdev in wilcnetdevifcinit Fault injection test reports this issue: kernel BUG at net/core/dev.c:10731! invalid opcode: 0000 1 PREEMPT SMP KASAN PTI Call Trace: wilcnetdevifcinit+0x19f/0x220...

PT-2025-37526

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the cfg80211 subsystem related to the wext interface. Key data in wext.connect is not reset during connection attempts, potentially leading to a...

DEBIAN-CVE-2024-46672

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion wpasupplicant 2.11 sends since 1efdba5fdc2c "Handle PMKSA flush in the driver for SAE/OWE offload cases" SSID based PMKSA del commands. brcmfmac is not prepared and tries...

SUSE CVE-2021-29133

Lack of verification in haserl, a component of Alpine Linux Configuration Framework, before 0.9.36 allows local users to read the contents of any file on the filesystem...

openSUSE 15 Security Update : haserl (openSUSE-SU-2021:1279-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:1279-1 advisory. - Lack of verification in haserl, a component of Alpine Linux Configuration Framework, before 0.9.36 allows local users to read the contents of any...

ALPINE-CVE-2021-29133

Lack of verification in haserl, a component of Alpine Linux Configuration Framework, before 0.9.36 allows local users to read the contents of any file on the filesystem...

CVE-2021-29133

Lack of verification in haserl, a component of Alpine Linux Configuration Framework, before 0.9.36 allows local users to read the contents of any file on the filesystem...

CVE-2021-29133

Lack of verification in haserl, a component of Alpine Linux Configuration Framework, before 0.9.36 allows local users to read the contents of any file on the filesystem...

Design/Logic Flaw

Lack of verification in haserl, a component of Alpine Linux Configuration Framework, before 0.9.36 allows local users to read the contents of any file on the filesystem...

CVE-2021-29133

Lack of verification in haserl, a component of Alpine Linux Configuration Framework, before 0.9.36 allows local users to read the contents of any file on the filesystem...

Alpine Linux 安全漏洞

Alpine Linux is a lightweight Linux distribution for security applications. A security vulnerability exists in Alpine Linux Configuration Framework before 0.9.36, which stems from a lack of authentication in haserl and allows a local user to read the contents of any file on the file system...

Code Injection in tensorflow/tfx

Description TensorFlow Extended TFX is a Google-production-scale machine learning platform based on TensorFlow. It provides a configuration framework to express ML pipelines consisting of TFX components. Vulnerability Vulnerable to YAML deserialization attack caused by unsafe loading. Proof of...

The vulnerability of the Configuration Standard Framework component of the Enterprise Manager Base Platform allows a perpetrator to gain access to modify, add, or delete data, to gain unauthorized access to protected information, or to cause service failures.

The vulnerability of the Configuration Standard Framework component of the Enterprise Manager Base Platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, gain unauthorized access to protecte...

openSUSE Security Update : apache2-mod_security2 (openSUSE-SU-2013:1336-1)

complete overhaul of this package, with update to 2.7.5. - ruleset update to 2.2.8-0-g0f07cbb. - new configuration framework private to modsecurity2: /etc/apache2/conf.d/modsecurity2.conf loads /usr/share/apache2-modsecurity2/rules/modsecuritycrs1 0setup.conf, then...