CVE-2025-21720

In the Linux kernel, the following vulnerability has been resolved: xfrm: delete intermediate secpath entry in packet offload mode Packets handled by hardware have added secpath as a way to inform XFRM core code that this path was already handled. That secpath is not needed at all after policy is...

CVE-2022-48728 IB/hfi1: Fix AIP early init panic

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix AIP early init panic An early failure in hfi1ipoibsetuprn can lead to the following panic: BUG: unable to handle kernel NULL pointer dereference at 00000000000001b0 PGD 0 P4D 0 Oops: 0002 1 SMP NOPTI Workqueue: event...

TYPO3 代码注入漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A code injection vulnerability exists in TYPO3 Core, which can be exploited by an attacker to run code via Form Framework using a vulnerability in TYPO3 Core...

PocketMine-MP invalid skin geometry JSON data leading to server crash

Impact pocketmine\entity\Skin doesn't correctly handle errors produced by adhocore/json-comment, which throws RuntimeException rather than returning false as PocketMine-MP expects. This leads to a server crash if the skin geometry data is invalid for some reason e.g. a syntax error. Patches...

DEBIAN-CVE-2020-28374

In drivers/target/targetcorexcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. For example, an attack can occur over a...

Oracle VM VirtualBox Core Code Execution Vulnerability

Oracle VM VirtualBox is a virtual machine management software from Oracle. A security vulnerability exists in Oracle VM VirtualBox Core versions prior to 6.1.16 that allows a low-privileged attacker to compromise Oracle VM VirtualBox by logging on to the infrastructure on which Oracle VM VirtualB...

PT-2019-11549

Name of the Vulnerable Software and Affected Versions: Linaro/OP-TEE versions prior to 3.4.0 Description: The issue is a buffer overflow in the optee os component, allowing execution of code in the TEE core kernel context. Recommendations: For versions prior to 3.4.0, update to version 3.4.0 or...

The vulnerability of the Oracle VM VirtualBox virtual machine, which allows a hacker to trigger a service failure

The vulnerability of the Core sub-component of the Oracle VM VirtualBox is related to errors in the code. Exploiting this vulnerability can allow an attacker acting locally to cause a service failure...

Menu Manager Mod for WebAPP - No Input Filtering

There is a system access vulnerability in the Menu Manager Mod for WebAPP. This mod is available at http://www.2xlnt.com/webapp/development/app.cgi?action=downloadinfo&cat=webappmods&id=3 . System commands can be entered in user's personal menus. Any system command works there and allows reading ...

kernel hacking simple to get started-vulnerability warning-the black bar safety net

User space and kernel space --------------------------- linux is a protected mode ofoperating system. It has been working on the i386 cpu protected mode. Memory is divided into two elements: a kernel area and a user area. （Translator's note: I think it is so called relatively smooth） The kernel...