Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from mishandling of work queue errors, which could lead to a resource leak...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from iwlwifi unnecessarily warning on FW errors...

python-tornado security update

4.2.1-5.0.1 - Fixed CVE-2025-47287 Raise errors instead of logging Orabug: 38049949...

Brute Force

Overview Affected versions of this package are vulnerable to Brute Force due to the lack of password policy and brute-force protection in the authentication process. An attacker can gain unauthorized access to user accounts by performing automated brute-force attacks. Remediation Upgrade...

Brute Force

Overview Affected versions of this package are vulnerable to Brute Force due to the lack of password policy and brute-force protection in the authentication process. An attacker can gain unauthorized access to user accounts by performing automated brute-force attacks. Remediation Upgrade...

BIT-GITLAB-2025-2938 Business Logic Errors in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to gain elevated project privileges by requesting access to projects where role modifications during the approval...

SUSE SLES15 Security Update : gstreamer-plugins-base (SUSE-SU-2025:02020-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02020-1 advisory. - CVE-2024-47538: Fixed stack-buffer overflow in vorbishandleidentificationpacket bnc1234415 - CVE-2024-47600: Fixed out-of-bounds...

CVE-2025-2938 Business Logic Errors in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to gain elevated project privileges by requesting access to projects where role modifications during the approval...

CVE-2025-2938

The CVE-2025-2938 entry concerns GitLab CE/EE (versions 17.3–17.11.4, 18.0–18.0.2, and 18.1–18.1.0) where authenticated users could gain elevated project privileges by requesting access to projects during an approval workflow, due to role modifications that yielded unintended permission grants. T...

CVE-2025-2938 Business Logic Errors in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to gain elevated project privileges by requesting access to projects where role modifications during the approval...

undertow: Large AJP request may cause DoS

A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service...

SUSE-SU-2025:0063-1 Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: - CVE-2024-47540: Fixed an uninitialized stack memory in Matroska/WebM demuxer. boo1234421 - CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. boo1234414 - CVE-2024-47543: Fixed an out-of-bounds write in...

gimp: Multiple heap buffer overflows in TGA parser

A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow...

gimp: Multiple use after free in XCF parser

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues...

ROS-20250624-04

A vulnerability in the Lua script interpreter is related to segmentation errors in changedline in ldebug.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Evaluating Disassembly Errors with Only Binaries

Disassemblers are crucial in the analysis and modification of binaries. Existing works showing disassembler errors largely rely on practical implementation without specific guarantees and assume source code and compiler toolchains to evaluate ground truth. However, the assumption of source code i...

GHSA-HWPG-X5HW-VPV9 ChangeDetection.io XSS in watch overview

Impact XSS - Errors in filters from website page change detection watches were not being filtered. Patches 0.50.4...

gimp: Multiple heap buffer overflows in TGA parser

A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow...

gimp: Multiple use after free in XCF parser

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues...

gimp: Multiple use after free in XCF parser

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues...