CVE-2023-54078

CVE-2023-54078 affects the Linux kernel in the media: max9286 driver, where the control handler is leaked in certain probe-time error paths and in the remove path. The vulnerability stems from improper freeing of the control handler, and the description indicates that this was resolved by applyin...

CVE-2023-54070 igb: clean up in all error paths when enabling SR-IOV

In the Linux kernel, the following vulnerability has been resolved: igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 "igb: Enable SR-IOV after reinit", removing the igb module could hang or crash depending on the machine when the module has been loaded with the maxv...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of address family checking in the isotpbind function, which could lead to binding errors...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unconditional build affinity mask that could lead to logic errors and warnings...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not adding event handles to paths, which could lead to kernel page errors...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a premature unmapped buffer, which could lead to memory access errors...

EUVD-2025-204633

In Delphix Continuous Compliance version 2025.3.0 and later, following a recent bug fix to correctly handle CR+LF Windows and DOS End-of-Record EOR characters in delimited files, an issue was identified: using an incorrect EOR configuration can cause inaccurate parsing and leave personally...

CVE-2025-14591

In Delphix Continuous Compliance version 2025.3.0 and later, following a recent bug fix to correctly handle CR+LF Windows and DOS End-of-Record EOR characters in delimited files, an issue was identified: using an incorrect EOR configuration can cause inaccurate parsing and leave personally...

CVE-2025-59529

Avahi (up to version 0.9-rc2) is vulnerable because the simple protocol server ignores the documented CLIENTS_MAX limit: server_work() unconditionally accepts new connections and client_new() always appends a client, with no check against the limit. This allows unprivileged local users to exhaust...

CVE-2025-59529 simple protocol server ignores accepts unlimited connections and logs failures without limit

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions up to and including 0.9-rc2, the simple protocol server ignores the documented client limit and accepts unlimited connections, allowing for easy local DoS. Although CLIENTSMAX ...

CVE-2025-59529 simple protocol server ignores accepts unlimited connections and logs failures without limit

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions up to and including 0.9-rc2, the simple protocol server ignores the documented client limit and accepts unlimited connections, allowing for easy local DoS. Although CLIENTSMAX ...

CVE-2022-50686

An information disclosure vulnerability in Kentico Xperience allows attackers to view sensitive stack trace details via Portal Engine form control error messages. Detailed error messages can expose internal system information and potentially reveal implementation details to unauthorized users...

CVE-2022-50686 Kentico Xperience <= 12.0 Portal Engine Form Control Information Disclosure

An information disclosure vulnerability in Kentico Xperience allows attackers to view sensitive stack trace details via Portal Engine form control error messages. Detailed error messages can expose internal system information and potentially reveal implementation details to unauthorized users...

php: pgsql extension does not check for errors during escaping

A flaw was found in PHP. Missing error checking could result in SQL injection, and missing error handling could lead to crashes due to null pointer dereferences...

php: PHP Hostname Null Character Vulnerability

A flaw was found in PHP. The fsockopen function and related functions fail to validate NULL characters within the provided hostname, potentially leading to unexpected behavior during parsing. This flaw allows a network attacker to supply a specially crafted hostname. This issue can result in a...

PT-2025-52308

Name of the Vulnerable Software and Affected Versions Kentico Xperience affected versions not specified Description An information disclosure issue exists in Kentico Xperience. Attackers can view sensitive stack trace details through Portal Engine form control error messages. This disclosure of...

Mozilla Firefox < 7.0

The version of Firefox installed on the remote Windows host is prior to 7.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2011-41 advisory. - Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service application cras...

kernel: iomap: iomap: fix memory corruption when recording errors during writeback

In the Linux kernel, the following vulnerability has been resolved: iomap: iomap: fix memory corruption when recording errors during writeback Every now and then I see this crash on arm64: Unable to handle kernel NULL pointer dereference at virtual address 00000000000000f8 Buffer I/O error on dev...

kernel: iomap: iomap: fix memory corruption when recording errors during writeback

In the Linux kernel, the following vulnerability has been resolved: iomap: iomap: fix memory corruption when recording errors during writeback Every now and then I see this crash on arm64: Unable to handle kernel NULL pointer dereference at virtual address 00000000000000f8 Buffer I/O error on dev...

ROS-20251217-7310

A vulnerability in Mozilla Firefox and Firefox ESR browsers is related to information presentation errors in the user interface. Exploitation of the vulnerability could allow an attacker acting remotely to conduct spoofing attacks...