5517 matches found
CVE-2022-35961
OpenZeppelin Contracts is a library for secure smart contract development. The functions ECDSA.recover and ECDSA.tryRecover are vulnerable to a kind of signature malleability due to accepting EIP-2098 compact signatures in addition to the traditional 65 byte signature format. This is only an issu...
UBUNTU-CVE-2022-50809
In the Linux kernel, the following vulnerability has been resolved: xhci: dbc: Fix memory leak in xhciallocdbc If DbC is already in use, then the allocated memory for the xhcidbc struct doesn't get freed before returning NULL, which leads to a memleak...
CVE-2022-50809 xhci: dbc: Fix memory leak in xhci_alloc_dbc()
In the Linux kernel, the following vulnerability has been resolved: xhci: dbc: Fix memory leak in xhciallocdbc If DbC is already in use, then the allocated memory for the xhcidbc struct doesn't get freed before returning NULL, which leads to a memleak...
CVE-2022-50809
In CVE-2022-50809, the Linux kernel vuln is a memory-leak in xhci_alloc_dbc() when DbC is already in use, where the xhci_dbc memory may not be freed before returning NULL. Concretely, the issue is triggered during DbC allocation and leads to a memleak as described in the public entries; multiple ...
PT-2025-53927
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the xhci alloc dbc function when Dynamic Backtrace Collection DbC is already in use. Specifically, if DbC is in use, the memory allocated for the xhci dbc struct ...
curl: HAProxy Connection Reuse leads to IP Spoofing and mTLS Context Smuggling
Executive Summary libcurl fails to respect the CURLOPTHAPROXYCLIENTIP configuration when reusing existing connections. Due to a missing check in the connection pooling logic, libcurl indiscriminately reuses a TCP/TLS connection established with a specific identity IP A for subsequent requests...
ICE Seeks Cyber Upgrade to Better Surveil and Investigate Its Employees
The agency plans to renew a sweeping cybersecurity contract that includes expanded employee monitoring as the government escalates leak investigations and casts internal dissent as a threat...
CVE-2025-66435
An SSTI Server-Side Template Injection vulnerability exists in the getcontracttemplate method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates contractterms using frappe.rendertemplate with a user-supplied context doc. Although Frappe uses a custom...
EUVD-2025-203396
An SSTI Server-Side Template Injection vulnerability exists in the getcontracttemplate method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates contractterms using frappe.rendertemplate with a user-supplied context doc. Although Frappe uses a custom...
CVE-2025-66435
An SSTI Server-Side Template Injection vulnerability exists in the getcontracttemplate method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates contractterms using frappe.rendertemplate with a user-supplied context doc. Although Frappe uses a custom...
CVE-2025-66435
CVE-2025-66435 affects Frappe ERPNext up to version 15.89.0. An SSTI flaw in get_contract_template renders attacker-controlled Jinja2 templates (contract_terms) via frappe.render_template() using a user-supplied context (doc). Although Frappe uses a SandboxedEnvironment, dangerous globals such as...
CVE-2025-66435
An SSTI Server-Side Template Injection vulnerability exists in the getcontracttemplate method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates contractterms using frappe.rendertemplate with a user-supplied context doc. Although Frappe uses a custom...
ERPNext 安全漏洞
ERPNext is an open source enterprise resource planning solution from ERPNext India. A security vulnerability exists in ERPNext 15.89.0 and earlier versions, which stems from the presence of server-side template injection in the getcontracttemplate method, which could lead to server-side code...
CVE-2025-66435
An SSTI Server-Side Template Injection vulnerability exists in the getcontracttemplate method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates contractterms using frappe.rendertemplate with a user-supplied context doc. Although Frappe uses a custom...
CVE-2025-66435
An SSTI Server-Side Template Injection vulnerability exists in the getcontracttemplate method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates contractterms using frappe.rendertemplate with a user-supplied context doc. Although Frappe uses a custom...
PT-2025-51253
An SSTI Server-Side Template Injection vulnerability exists in the get contract template method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates contract terms using frappe.render template with a user-supplied context doc. Although Frappe uses a custom...
glider_StakedUSDeV2
StakedUSDeV2 Uninitialized Role Variable PoC Vulnerability...
Remote Code Execution (RCE)
CSLA .NET is vulnerable to remote code execution RCE. The vulnerability is due to the use of the obsolete NetDataContractSerializer NDCS in WcfProxy, which allows an attacker to execute arbitrary code during the deserialization process...
CVE-2025-66631 CSLA .NET is vulnerable to Remote Code Execution via WcfProxy
CSLA .NET is a framework designed for the development of reusable, object-oriented business layers for applications. Versions 5.5.4 and below allow the use of WcfProxy. WcfProxy uses the now-obsolete NetDataContractSerializer NDCS and is vulnerable to remote code execution during deserialization...
PT-2025-49778
CSLA .NET is a framework designed for the development of reusable, object-oriented business layers for applications. Versions 5.5.4 and below allow the use of WcfProxy. WcfProxy uses the now-obsolete NetDataContractSerializer NDCS and is vulnerable to remote code execution during deserialization...