11189 matches found
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly handling reassigned nodes, which could lead to tree modification log errors...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mishandling of eventfd errors, which could lead to a resource leak...
PT-2025-18486 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A vulnerability in the Linux kernel has been resolved, specifically in the gfs2 module. The issue involves the sb_bsize_shift field, which can be corrupted, leading to messy mount erro...
PT-2025-18536
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A memory leak issue has been identified in the Linux kernel, specifically in the octeon_ep module. The problem occurs when unsupported dev and mbox init errors happen, causing the oct-co...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an integer overflow causing vmalloc to fail, potentially leading to a memory allocation failure...
CVE-2025-4037
A vulnerability was found in code-projects ATM Banking 1.0. It has been classified as critical. Affected is the function moneyDeposit/moneyWithdraw. The manipulation leads to business logic errors. Local access is required to approach this attack. The exploit has been disclosed to the public and...
Kyverno security vulnerability
Kyverno is a policy engine designed for Kubernetes that is open sourced by Kyverno. A security vulnerability exists in Kyverno versions prior to 1.14.0 that stems from mishandling of namespace selector errors, which could lead to bypassing security policies...
Vulnerability of the MySQL Server component: The DML mechanism of the MySQL Database Management System allows a hacker to trigger a service failure.
The vulnerability of the MySQL Server component relates to access control errors. Exploiting this vulnerability can allow an attacker to cause service interruptions...
ROS-20250430-13
The HAProxy server software vulnerability is related to bounds errors in the regsub function in src/sample.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
The vulnerability of the mfd component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the mfd component in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain unauthorized access to add, delete, and modify data.
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to access control errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to add, delete, and modify data...
The vulnerability of the vaultwarden password management service, related to access control errors, allows attackers to escalate their privileges.
The vulnerability of the vaultwarden password management service is related to access control errors. Exploiting this vulnerability could allow a malicious actor, operating remotely, to increase their privileges...
The vulnerability in the web interface of the Cisco AsyncOS operating system’s account management system allows a malicious individual to gain unauthorized access to protected information. This vulnerability in the Content Security Management Appliance system enables unauthorized access to protected data.
The vulnerability of the web interface of the Cisco AsyncOS operating system’s account management system relates to access control errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Rsync file transfer and synchronization utility is related to synchronization errors when using a shared resource, allowing a perpetrator to gain increased privileges.
The vulnerability of the Rsync file transfer and synchronization utility is related to synchronization errors when using a shared resource during the processing of symbolic links. Exploiting this vulnerability can allow an attacker to increase their privileges...
undertow: Large AJP request may cause DoS
A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service...
PT-2025-18115 · Unknown · Code-Projects Atm Banking
Name of the Vulnerable Software and Affected Versions: code-projects ATM Banking version 1.0. Description: A critical vulnerability was found in the code-projects ATM Banking software. The issue affects the moneyDeposit/moneyWithdraw function, leading to business logic errors. Local access is...
Ubuntu 18.04 LTS / 20.04 LTS : KiCad vulnerabilities (USN-7466-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7466-1 advisory. It was discovered that KiCad incorrectly handled memory when opening malicious files. An attacker could possibly use this issue to cause a...
PT-2025-29020
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 6.15.0-rc3+ and earlier. Description: The Linux kernel contains a flaw within the sun8i-ce-cipher module related to error handling in the sun8i_ce_cipher_prepare function. This issue manifests as two DMA cleanup problems ...
XML Entity Expansion (XEE)
org.apache.solr, solr-core is vulnerable to XML Entity Expansion (XEE). The vulnerability is due to XML resource consumption caused by the use of XML DOCTYPE and ENTITY declarations, which allows an attacker to trigger excessive memory usage during XML parsing, leading to out-of-memory errors...