356 matches found
CVE-2025-38700 scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated
In the Linux kernel, the following vulnerability has been resolved: scsi: libiscsi: Initialize iscsiconn-dddata only if memory is allocated In case of an ibfastregmr allocation failure during iSER setup, the machine hits a panic because iscsiconn-dddata is initialized unconditionally, even when n...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from libiscsi not properly initializing the dddata pointer...
Malicious code in dd-test-coverage-sandbox (npm)
The package dd-test-coverage-sandbox was found to contain malicious code...
MAL-2025-18113 Malicious code in dd-transcode-ctrl (npm)
The package dd-transcode-ctrl was found to contain malicious code...
Malicious code in @zalastax/nolb-dd (npm)
The package @zalastax/nolb-dd was found to contain malicious code...
MAL-2025-11111 Malicious code in @zalastax/nolb-dd (npm)
The package @zalastax/nolb-dd was found to contain malicious code...
MAL-2025-18112 Malicious code in dd-test-coverage-sandbox (npm)
The package dd-test-coverage-sandbox was found to contain malicious code...
Malicious code in dd-transcode-ctrl (npm)
The package dd-transcode-ctrl was found to contain malicious code...
PT-2025-35973
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the libiscsi component. Specifically, the iscsi conn-dd data field is initialized regardless of whether memory allocation succeeds. If ib fast reg...
CVE-2024-30554
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wouter Dijkstra DD Rating allows Stored XSS.This issue affects DD Rating: from n/a through 1.7.1...
CVE-2020-13976
An issue was discovered in DD-WRT through 16214. The Diagnostic page allows remote attackers to execute arbitrary commands via shell metacharacters in the host field of the ping command. Exploitation through CSRF might be possible. NOTE: software maintainers consider the report invalid because it...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/mm/fault: Fixed the reporting of kfence page faults. The copyfromkernelnofault function can be called when reading /proc/kcore. /proc/kcore may contain kfence objects that are not mapped, and reading these objects via...
DELL PowerProtect DD Path Traversal Vulnerability
DELL PowerProtect DD is a family of data protection storage appliances from Dell, built on the Data Domain platform and designed for enterprise-level users. The DELL PowerProtect DD suffers from a path traversal vulnerability that can be exploited by an attacker to illegally overwrite operating...
Dell PowerProtect DD Elevation of Privilege Vulnerability
Dell PowerProtect DD is Dell's data protection solution for backing up and restoring data. A security vulnerability exists in Dell PowerProtect DD. An attacker could exploit the vulnerability to cause elevation of privilege...
CVE-2024-38525
dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed unicode, it logs the list of audited headers and their values using the nlohmann JSON library. However, due to the way the JSON library is invoked, it throws an uncaught...
CVE-2025-22475
Dell PowerProtect DD, versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10 contains a use of a Cryptographic Primitive with a Risky Implementation vulnerability. A remote attacker could potentially exploit this vulnerability, leading to Information tampering...
CVE-2025-22475
Dell PowerProtect DD, versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10 contains a use of a Cryptographic Primitive with a Risky Implementation vulnerability. A remote attacker could potentially exploit this vulnerability, leading to Information tampering...
CVE-2025-22475
Dell PowerProtect DD, versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10 contains a use of a Cryptographic Primitive with a Risky Implementation vulnerability. A remote attacker could potentially exploit this vulnerability, leading to Information tampering...
CVE-2024-53296
Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer Overflow vulnerability in the RestAPI. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service...
CVE-2024-53296
Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer Overflow vulnerability in the RestAPI. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service...