CVE-2025-8991

CVE-2025-8991 affects linlinjava litemall versions up to 1.8.0. The vulnerability resides in the Business Logic Handler’s /admin/config/express, where manipulating the litemall_express_freight_min parameter triggers business logic errors. The issue is exploitable remotely and publicized. PT-2025-...

PT-2025-33423 · Linlinjava · Litemall

Name of the Vulnerable Software and Affected Versions: linlinjava litemall versions up to 1.8.0 Description: A vulnerability was identified in linlinjava litemall. The issue affects an unknown functionality within the /admin/config/express file of the Business Logic Handler component. Manipulatio...

PT-2025-33436 · Mtons · Mtons Mblog

Name of the Vulnerable Software and Affected Versions: mtons mblog versions prior to 3.5.1 Description: A vulnerability exists in mtons mblog up to version 3.5.0. The issue affects an unknown function within the /register endpoint and leads to information exposure through error messages. The atta...

Linux Distros Unpatched Vulnerability : CVE-2022-49822

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: Fix connections leak when tlink setup failed If the tlink setup failed, lost to put the connections, then the module refcnt leak since the cifsd kthread n...

Linux Distros Unpatched Vulnerability : CVE-2025-37754

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/i915/huc: Fix fence not released on early probe errors HuC delayed loading fence,...

Malicious code in coded_errors (npm)

The package codederrors was found to contain malicious code...

MAL-2025-9304 Malicious code in @sellerly-kit/global-errors (npm)

The package @sellerly-kit/global-errors was found to contain malicious code...

Malicious code in @sellerly-kit/global-errors (npm)

The package @sellerly-kit/global-errors was found to contain malicious code...

MAL-2025-17249 Malicious code in coded_errors (npm)

The package codederrors was found to contain malicious code...

ROS-20250814-08

Vulnerability of the createInDir function of the glog library of the Golang programming language is related to errors in reference handling. reference handling errors. Exploitation of the vulnerability may allow an attacker to escalate his privileges and gain unauthorized access to protected...

CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service DoS. By opening streams and then rapidly triggering the serv...

CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service DoS. By opening streams and then rapidly triggering the serv...

UBUNTU-CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service DoS. By opening streams and then rapidly triggering the serv...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to incorrect stream accounting in the handling of server-sent stream resets. An attacker can cause excessive server resource consumption by rapidly opening streams and triggering resets using malformed frames o...

CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service DoS. By opening streams and then rapidly triggering the serv...

CVE-2025-8671 CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service DoS. By opening streams and then rapidly triggering the serv...

CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service DoS. By opening streams and then rapidly triggering the serv...

CVE-2025-8671 CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service DoS. By opening streams and then rapidly triggering the serv...

Linux Distros Unpatched Vulnerability : CVE-2022-49819

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: octeonep: fix potential memory leak in octepdevicesetup When occur unsupporteddev and mbox...

ROS-20250812-09

A vulnerability in the encrypted function of the cross-platform software development framework Qt is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...