UBUNTU-CVE-2023-52997

In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the risk of a Spectre v1 attack on ipmetricsconvert...

SUSE CVE-2025-2754

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as critical. Affected by this vulnerability is the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the...

DEBIAN-CVE-2025-2756

A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the argument tmp leads to...

DEBIAN-CVE-2025-2754

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as critical. Affected by this vulnerability is the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the...

PYSEC-2025-166

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as critical. Affected by this issue is the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the argument...

UBUNTU-CVE-2025-2755

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as critical. Affected by this issue is the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the argument...

SUSE CVE-2025-30472

Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orftokenendianconvert in exec/totemsrp.c via a large UDP packet...

Corosync 安全漏洞

Corosync is a Corosync cluster engine from The Corosync Cluster Engine open source. A security vulnerability exists in Corosync 3.1.9 and earlier versions that stems from the orftokenendianconvert function that can cause a stack buffer overflow when processing large UDP packets...

Virtuozzo Hybrid Server 7.5 Update 7 Hotfix 3 (7.5.7-176)

The Hotfix 3 for Virtuozzo Hybrid Server 7.5 Update 7 provides fixes for the c2v-convert tool and VirtIO SCSI controllers. Vulnerability id: PSBM-160763 Fixed an issue where the c2v-convert tool failed to convert a container if one of its disks did not have a mount point specified in the source...

CVE-2025-2152

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The...

UBUNTU-CVE-2025-2152

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The...

CVE-2025-22212

A SQL injection vulnerability in the Convert Forms component versions 1.0.0-1.0.0 - 4.4.9 for Joomla allows authenticated attackers administrator to execute arbitrary SQL commands in the submission management area in backend...

Linux Distros Unpatched Vulnerability : CVE-2013-7488

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - perl-Convert-ASN1 aka the Convert::ASN1 module for Perl through 0.27 allows remote attackers to cause an infinite loop via unexpected input. CVE-2013-7488 Note...

CVE-2022-49414

In the Linux kernel, the following vulnerability has been resolved: ext4: fix race condition between ext4write and ext4convertinlinedata Hulk Robot reported a BUGON: ================================================================== EXT4-fs error device loop3: ext4mbgeneratebuddy:805: group 0,...

UBUNTU-CVE-2022-49414

In the Linux kernel, the following vulnerability has been resolved: ext4: fix race condition between ext4write and ext4convertinlinedata Hulk Robot reported a BUGON: ================================================================== EXT4-fs error device loop3: ext4mbgeneratebuddy:805: group 0,...

CVE-2022-49414 ext4: fix race condition between ext4_write and ext4_convert_inline_data

In the Linux kernel, the following vulnerability has been resolved: ext4: fix race condition between ext4write and ext4convertinlinedata Hulk Robot reported a BUGON: ================================================================== EXT4-fs error device loop3: ext4mbgeneratebuddy:805: group 0,...

Fedora 40 : libheif (2025-666aaa6a0d)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-666aaa6a0d advisory. Latest upstream release. It adds support for tiles and fixes reading images generated by iOS 18+. See https://github.com/strukturag/libheif/releases for more...

CVE-2024-52397

Unrestricted Upload of File with Dangerous Type vulnerability in Davor Zeljkovic Convert Docx2post convert-docx2post allows Upload a Web Shell to a Web Server.This issue affects Convert Docx2post: from n/a through = 1.4...

CVE-2024-31112

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stephanie Leary Convert Post Types allows Reflected XSS.This issue affects Convert Post Types: from n/a through 1.4...