9 matches found
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: nvmet: pci-epf: Do not complete commands twice if nvmet_req_init() fails. Have nvmet_req_init() and req->execute() complete failed commands. Description of the problem: nvmet_req_init() calls __nvmet_req_complete() internally upon failure, e.g.,...
PT-2026-34947
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the PCI endpoint pci-epf-vntb where the cmd_handler work is not stopped during the epf_ntb_epc_cleanup function. This can lead to the handler running after BAR mapping...
EUVD-2026-23745
A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function create_upload_file of the file src/backend/base/Langflow/api/v1/endpoints.py of the component API Endpoint. The manipulation results in unrestricted upload. It is possible to launch the attack...
Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2025-39783)
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix configfs group list head handling. Doing a list_del() on the epf_group field of struct pci_epf_driver in pci_epf_remove_cfs() is not correct as this field is a list head, not a list entry. This list_del() call triggers a KASA...
Amazon Linux 2 : qemu, --advisory ALAS2-2025-3031 (ALAS-2025-3031)
The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3031 advisory. A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoi...
Linux Distros Unpatched Vulnerability : CVE-2025-39783
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: endpoint: Fix configfs group list head handling. Doing a list_del() on the epf_group field of struct pci_epf_driver in pci_epf_remove_cfs() is not correct as this fiel...
GHSA-X4C5-C7RF-JJGV @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
Summary: By crafting specific options parameters, the endpoint.parse(options) call can be triggered, leading to a regular expression denial-of-service (ReDoS) attack. This causes the program to hang and results in high CPU utilization. Details: The issue occurs in the parse function within the parse.ts...
CVE-2024-4851
A Server-Side Request Forgery (SSRF) vulnerability exists in the stangirard/quivr application, version 0.0.204, which allows attackers to access internal networks. The vulnerability is present in the crawl endpoint where the 'url' parameter can be manipulated to send HTTP requests to arbitrary URLs...
TCPreplay Code Issue Vulnerability
Appneta Tcpreplay is a suite of open source utilities for editing and replaying network traffic for UNIX-based operating systems from Appneta, USA. A security vulnerability exists in TCPreplay TCPprep v.4.4.3. An attacker could exploit this vulnerability to cause a denial of service by parsing an...