271 matches found
CVE-2022-37450
Go Ethereum aka geth through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making RUM, as exploited in the wild in 2020 through 2022...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a difference-one error in the funexecop function that could lead to out-of-bounds access...
CVE-2025-40891 HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0
A Stored HTML Injection vulnerability was discovered in the Time Machine Snapshot Diff functionality due to improper validation of network traffic data. An unauthenticated attacker can send specially crafted network packets at two different times to inject HTML tags into asset attributes across t...
CVE-2025-66567 ruby-saml has a SAML authentication bypass due to namespace handling (parser differential)
The ruby-saml library is for implementing the client side of a SAML authorization. ruby-saml versions up to and including 1.12.4 contain an authentication bypass vulnerability due to an incomplete fix for CVE-2025-25292. ReXML and Nokogiri parse XML differently, generating entirely different...
EUVD-2025-150369
In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid potential out-of-bounds in btrfsencodefh The function btrfsencodefh does not properly account for the three cases it handles. Before writing to the file handle fh, the function only returns to the user...
AZL-70097 CVE-2025-40205 affecting package kernel for versions less than 6.6.117.1-1
In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid potential out-of-bounds in btrfsencodefh The function btrfsencodefh does not properly account for the three cases it handles. Before writing to the file handle fh, the function only returns to the user...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989687)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989687 advisory. In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi-txqmap sizing The approach of having XDP queue per CPU regardless of user's setting...
uv has differential in tar extraction with PAX headers
Impact In versions 0.9.4 and earlier of uv, tar archives containing PAX headers with file size overrides were not handled properly. As a result, an attacker could contrive a source distribution as a tar archive that would extract differently when installed via uv versus other Python package...
D-Link Nuclias Connec Login Endpoint Observable Response Discrepancy Vulnerability
D-Link Nuclias Connect is a network management software from D-Link for centralized management of wireless access points APs, supporting multi-device remote control and reporting capabilities. D-Link Nuclias Connect suffers from an observable response difference vulnerability that stems from the...
D-Link Nuclias Connect Observable Response Discrepancy Vulnerability
D-Link Nuclias Connect is a network management software from D-Link for centralized management of wireless access points APs, supporting multi-device remote control and reporting capabilities. An observable response difference vulnerability exists in D-Link Nuclias Connect that stems from an...
CVE-2025-34255
D-Link Nuclias Connect firmware versions = 1.3.1.4 contain an observable response discrepancy vulnerability. The application's 'Forgot Password' endpoint returns distinct JSON responses depending on whether the supplied email address is associated with an existing account. Because the responses...
D-Link Nuclias Connect 安全漏洞
D-Link Nuclias Connect is a network management software from D-Link for centralized management of wireless access points APs, supporting multi-device remote control and reporting capabilities. An observable response difference vulnerability exists in D-Link Nuclias Connect that stems from an...
Linux Distros Unpatched Vulnerability : CVE-2023-53671
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - srcu: Delegate work to the boot cpu if using SRCUSIZESMALL Commit 994f706872e6 srcu: Make Tree SRCU able to operate without snpnode array assumes that cpu 0 is...
EUVD-2016-8292
Malware in sbrugna...
EUVD-2008-2588
Malware in sbrugna...
EUVD-2010-3111
Malware in sbrugna...
EUVD-2016-0726
Malware in sbrugna...
EUVD-2018-15657
Malware in sbrugna...
EUVD-2013-5710
Malware in sbrugna...
EUVD-2014-9630
Malware in sbrugna...