7607 matches found
NLnet Labs Routinator 安全漏洞
NLnet Labs Routinator is an open-source RPKI routing origin validation service developed by NLnet Labs. There is a security vulnerability in NLnet Labs Routinator: the system exits when an error occurs during HTTP or RTR connections. Attackers can exploit this condition by opening a large number ...
CVE-2025-59853
HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations...
CVE-2026-27949
Plane is an an open-source project management tool. Prior to 1.3.0, a vulnerability was identified in Plane's authentication flow where a user's email address is included as a query parameter in the URL during error handling e.g., when an invalid magic code is submitted. Transmitting personally...
CVE-2026-20450
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch...
BIT-GOLANG-2026-42507 Arbitrary inputs are included in errors without any escaping in net/textproto
When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...
GHSA-R3XG-RG9J-67FV Docling: Unsafe Archive Extraction and XML Parsing in METS-GBS Backend
Impact The METS-GBS backend's XML parsing and the input document format detection lacked security controls, enabling: - XML External Entity XXE attacks to read local files or cause denial of service - Decompression bombs zip bombs to exhaust memory and disk space - Unbounded archive extraction...
CVE-2025-71313
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for allocworkqueue allocworkqueue can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when queuework is later called with...
PT-2026-45984
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference can occur in the PCI endpoint component. The function alloc workqueue may return NULL during a memory allocation failure. If this return value is not properly...
Linux Distros Unpatched Vulnerability : CVE-2026-46211
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/msm/gem: fix error handling in msmioctlgeminfogetmetadata msmioctlgeminfogetmetadata always returns 0 regardless of errors. When copytouser fails or the use...
UBUNTU-CVE-2026-42507
When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...
CVE-2026-42507 Arbitrary inputs are included in errors without any escaping in net/textproto
When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...
JDWPEx
JDWP Remote Code Execution Exploit A Python 3 implement...
Exploit for Improper Input Validation in Paloaltonetworks Pan-Os
CVE-2024-3400 This program was improved upon to include a safe...
Security update for perl-YAML-Syck (moderate)
openSUSE Security Update: Security update for perl-YAML-Syck Announcement ID: openSUSE-SU-2026:0180-1 Rating: moderate References: 1252111 1259757 Cross-References: CVE-2025-11683 CVE-2026-4177 CVSS scores: CVE-2025-11683 SUSE: 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products:...
RDMA/mana: Fix error unwind in mana_ib_create_qp_rss()
...
SUSE CVE-2026-46127
In the Linux kernel, the following vulnerability has been resolved: RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdmacopypduresp Sashiko points out that pd-uctx isn't initialized until late in the function so all these error flow references are NULL and will crash. Use the uctx that isn't NU...
SUSE CVE-2026-46211
In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: fix error handling in msmioctlgeminfogetmetadata msmioctlgeminfogetmetadata always returns 0 regardless of errors. When copytouser fails or the user buffer is too small, the error code stored in ret is ignored becaus...
PT-2026-44986
Name of the Vulnerable Software and Affected Versions NanoMQ versions prior to 0.24.9 Description NanoMQ is an Edge Messaging Platform. A null pointer dereference can occur in the quic stream recv function when a substream is in a reopen state. The system completes the Asynchronous I/O AIO...
NanoMQ 代码问题漏洞
NanoMQ is an open-source IoT edge platform broker developed by EMQ in the United States. Versions of NanoMQ prior to 0.24.8 have code vulnerabilities. These vulnerabilities stem from the quicstreamrecv function, which cancels references to empty substream pointers when the substream is reopened,...
CVE-2026-46112
A flaw was found in the Linux kernel's RDMA/hns component. An issue exists where the hnsroceqpremove function is called without proper locking during an error handling process. This can lead to memory corruption, potentially causing system instability or a denial of service DoS condition. A local...