CVE-2025-2321

A vulnerability was found in 274056675 springboot-openai-chatgpt e84f6f5 and classified as critical. Affected by this issue is some unknown functionality of the file /api/mjkj-chat/cgform-api/addData/. The manipulation of the argument chatUserID leads to business logic errors. The attack may be...

CVE-2025-2321 274056675 springboot-openai-chatgpt addData logic error

A vulnerability was found in 274056675 springboot-openai-chatgpt e84f6f5 and classified as critical. Affected by this issue is some unknown functionality of the file /api/mjkj-chat/cgform-api/addData/. The manipulation of the argument chatUserID leads to business logic errors. The attack may be...

CVE-2025-2321

CVE-2025-2321 affects the 274056675 springboot-openai-chatgpt (commit e84f6f5). The vulnerability concerns the file /api/mjkj-chat/cgform-api/addData/ where manipulation of the chatUserID parameter triggers business logic errors. It is described as exploitable remotely, with the exploit disclosed...

OPENSUSE-SU-2025:0091-1 Security update for restic

This update for restic fixes the following issues: - Fixed CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 boo1239264 - Update to version 0.17.3 - Fix 4971: Fix unusable mount on macOS Sonoma - Fix 5003: Fix metadata errors during...

CVE-2025-20142

A vulnerability in the IPv4 access control list ACL feature and quality of service QoS policy feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an...

ALSA: control: Avoid WARN() for symlink errors

...

Siemens SCALANCE X-200RNA Switch Devices Resource Management Errors (CVE-2016-0798)

Memory leak in the SRPVBASEgetbyuser implementation in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service memory consumption by providing an invalid username in a connection attempt, related to apps/sserver.c and crypto/srp/srpvfy.c. This plug...

Siemens SCALANCE X-200RNA Switch Devices Resource Management Errors (CVE-2015-1788)

The BNGF2mmodinv function in crypto/bn/bngf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a...

Siemens SCALANCE X-200RNA Switch Devices Resource Management Errors (CVE-2016-6308)

statem/statemdtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service memory consumption via crafted DTLS messages. This plugin only works with Tenable.ot. Please visi...

Improper Handling of Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Handling of Exceptional Conditions through the EndBlocker process. An attacker can cause the blockchain to halt by submitting malicious proposals that trigger errors in this process. Remediation Upgrade...

CVE-2025-20142

A vulnerability in the IPv4 access control list ACL feature and quality of service QoS policy feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an...

CVE-2025-20142

Cisco IOS XR Software for ASR 9000 Series Routers, including ASR 9902/9903, contains a vulnerability in the IPv4 ACL and QoS policy handling that affects line cards. Malformed IPv4 packets processed when an IPv4 ACL or QoS policy is applied can cause network processor errors, triggering a line-ca...

Azure Linux 3.0 Security Update: kernel (CVE-2024-53096)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53096 advisory. - In the Linux kernel, the following vulnerability has been resolved: mm: resolve faulty mmapregion error path...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-56728)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56728 advisory. - In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2mboxgetrsp erro...

CVE-2024-58074

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

ROS-20250307-08

The vulnerability of the objdump.c file of the GNU Binutils development tool is related to bounds errors in the disassemblebytes function in binutils/objdump.c in the nm binary. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

CVE-2024-58075

CVE-2024-58075: In the Linux kernel, crypto: tegra may transfer a request even when tegra_cmac_init/tegra_sha_init returns an error (e.g., memory exhaustion). A patch in kernel code fixes that the request must not be transferred on init failure. Affected: Linux kernel crypto/tegra components; imp...

Linux Distros Unpatched Vulnerability : CVE-2024-8184

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote which can be exploited by unauthorized users to cause remote denial-of-service DoS...

Medium: php8.2

Issue Overview: The upstream advisory describes this issue as follows: A memory-related vulnerability in PHP's filter handling system, particularly when processing input with convert.quoted-printable-decode filters, leads to a segmentation fault. This vulnerability is triggered through specific...

PT-2025-9968 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel's Bluetooth functionality has been resolved. The issue was related to the Mediatek btusb code, which did not properly claim the device lock when...