5 matches found
CVE-2025-47908
A flaw was found in github.com/rs/cors. The middleware exhibits excessive heap memory allocation when handling preflight requests containing a lengthy, comma-separated value in the Access-Control-Request-Headers ACRH header. This vulnerability allows an attacker to send a specially crafted HTTP...
CVE-2025-38439
In the Linux kernel, the following vulnerability has been resolved: bnxten: Set DMA unmap len correctly for XDPREDIRECT When transmitting an XDPREDIRECT packet, call dmaunmaplenset with the proper length instead of 0. This bug triggers this warning on a system with IOMMU enabled: WARNING: CPU: 36...
CVE-2025-54310
A local file access flaw has been discovered in qBittorrent. This flaw may allow access to local files when a web page should be expected. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising...
CVE-2024-25178
An out-of-bounds read was found in LuaJIT. This issue was uncovered through fuzzing, and no real-world exploit has been demonstrated. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease o...
CVE-2025-40908
A flaw was found in yaml-libyaml. The component uses a two-argument open function when parsing YAML files, which allows an attacker to modify existing files on the system. This flaw allows a local attacker to provide a crafted YAML file as input. This issue can result in unauthorized modification...