11189 matches found
The vulnerability of the AuthenticationFilter class in the Apache Pinot OLAP data store allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the AuthenticationFilter class in the Apache Pinot OLAP data store is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to affect the confidentiality, integrity, and availability of the protected information...
The vulnerability of the at8031_parse_dt() function in the drivers/net/phy/at803x.c module of the Linux physical layer network support driver allows an attacker to cause a service failure.
The vulnerability of the at8031_parse_dt() function in the drivers/net/phy/at803x.c module of the Linux PHY driver for the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122201 fixes several issues. The following security issues were fixed: CVE-2024-46818: drm/amd/display: Check gpioid before used as array index bsc1231204. CVE-2024-50302: HID: core: zero-initialize the report buffer bsc1233679. CVE-2022-48792: scsi: pm800...
GO-2025-3516 Cosmos SDK can halt when erroring in EndBlocker in github.com/cosmos/cosmos-sdk/
Cosmos SDK can halt when erroring in EndBlocker in github.com/cosmos/cosmos-sdk/...
PHP 8.1.x < 8.1.32 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.32, 8.2.x prior to 8.2.28, 8.3.x prior to 8.3.19, or 8.4.x prior to 8.4.5. It is, therefore, affected by multiple vulnerabilities: - libxml streams use wrong content-type header wh...
The vulnerability of the i2c_imx_xfer() function in the drivers/i2c/busses/i2c-imx.c module of the Linux kernel allows a hacker to gain access to protected information.
The vulnerability of the i2c_imx_xfer() function in the drivers/i2c/busses/i2c-imx.c file of the Linux kernel is related to security configuration errors. Exploiting this vulnerability could allow an attacker to access protected information...
The vulnerability of the tpm2_seal_trusted() function in the security/keys/trusted-keys/trusted_tpm2.c file of the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the tpm2_seal_trusted() function in the security/keys/trusted-keys/trusted_tpm2.c file of the Linux kernel is related to code errors. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the Mozilla Firefox Focus browser, related to access control errors, allows attackers to bypass existing security restrictions.
The vulnerability of the Mozilla Firefox Focus browser is related to access control errors. Exploiting this vulnerability can allow a remote attacker to bypass existing security restrictions...
ROS-20250318-01
A vulnerability in the net component of the Linux kernel is related to the dereferencing of a NULL pointer in the sockcreate function in net/socket.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Important: Red Hat Security Advisory: tigervnc security update
An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available fo...
uberAgent service startup fails with error 13
uberAgent service is not running. Attempt to start the service fails. Error message: Windows could not start the uberAgent service on Local Computer. Error 13: The data is invalid. The uberAgent log file, located in C:\Windows\Temp (the default location), shows the errors: 2025-03-17 10:23:55.706...
The vulnerability of microprogrammed software for Intel processors, related to access privilege violations, allows attackers to escalate their privileges.
The vulnerabilities of microprogrammed software in Intel processors are related to access control errors. Exploiting these vulnerabilities can allow attackers to escalate their privileges...
The vulnerability of FortiWeb web applications’ network firewalls arises from incorrect processing of syntactically incorrect structures, allowing attackers to bypass security restrictions and execute arbitrary commands.
The vulnerability of FortiWeb web applications’ network firewalls is related to the improper processing of syntactically incorrect structures. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute arbitrary commands by sending specially crafted HTTP/S...
CVE-2025-2321
A vulnerability was found in 274056675 springboot-openai-chatgpt e84f6f5 and classified as critical. Affected by this issue is some unknown functionality of the file /api/mjkj-chat/cgform-api/addData/. The manipulation of the argument chatUserID leads to business logic errors. The attack may be...
CVE-2025-2321
CVE-2025-2321 affects the 274056675 springboot-openai-chatgpt (commit e84f6f5). The vulnerability concerns the file /api/mjkj-chat/cgform-api/addData/ where manipulation of the chatUserID parameter triggers business logic errors. It is described as exploitable remotely, with the exploit disclosed...
CVE-2025-2321 274056675 springboot-openai-chatgpt addData logic error
A vulnerability was found in 274056675 springboot-openai-chatgpt e84f6f5 and classified as critical. Affected by this issue is some unknown functionality of the file /api/mjkj-chat/cgform-api/addData/. The manipulation of the argument chatUserID leads to business logic errors. The attack may be...
OPENSUSE-SU-2025:0091-1 Security update for restic
This update for restic fixes the following issues: - Fixed CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 boo1239264 - Update to version 0.17.3 - Fix 4971: Fix unusable mount on macOS Sonoma - Fix 5003: Fix metadata errors during...
CVE-2025-20142
A vulnerability in the IPv4 access control list (ACL) feature and quality of service (QoS) policy feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an...
The vulnerability of Microprogramming Software in the Wiren Board controller, related to access control errors, allows an intruder to execute arbitrary commands.
The vulnerability of Microprogramming software for Wiren Boards is related to access control errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending a specially crafted URL command remotely...
ALSA: control: Avoid WARN() for symlink errors
...