CVE-2025-24013 CodeIgniter validation of header name and value

CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers with Header class. This could disrupt application functionality, potentially causing errors or...

Shiprocket Module 3 on OpenCart 安全漏洞

Shiprocket Module 3 on OpenCart is a shipping module from Shiprocket. A security vulnerability exists in Shiprocket Module 3 on OpenCart v3, which stems from the parameter contentHash in the file /index.php?route=extension/module/restapi&action=getOrders that can lead to authorization errors...

PT-2025-4853 · Unknown · Cosmos-Server

Name of the Vulnerable Software and Affected Versions: Cosmos-Server versions prior to 0.17.7 Description: The Cosmos-Server software has a user enumeration issue due to the error code returned during login, allowing an attacker to determine if a user exists in the database by monitoring the erro...

CVE-2024-57929 dm array: fix releasing a faulty array block twice in dm_array_cursor_end

In the Linux kernel, the following vulnerability has been resolved: dm array: fix releasing a faulty array block twice in dmarraycursorend When dmbmreadlock fails due to locking or checksum errors, it releases the faulty block implicitly while leaving an invalid output pointer behind. The caller ...

CVE-2024-57929

CVE-2024-57929 : In the Linux kernel, the vulnerability stems from dm-array: when dm_bm_read_lock() fails, a faulty dm_block pointer can be left behind, leading to a double release in dm_array_cursor_end() and a subsequent BUG_on in dm-bufio. The fix (as described in the CVE text) sets the cached...

CVE-2025-21633

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-21633

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-21633

CVE-2025-21633 appears in multiple advisories as part of the Linux kernel fixes: MiracleLinux AXSA:2025-10431:39 for kernel 5.14.0-570.16.1.el9_6 (remote kernel io_uring sqpoll path) and is listed among kernels in Rocky Linux 10, AlmaLinux 9/10, RHEL 9/10/Oracle Linux advisories. The described is...

CVE-2025-21633

...

CVE-2025-21633

...

CVE-2025-21633

Removed by vendor...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the netfsreadtopagecache function not properly decreasing the -nroutstanding count when handling errors,...

ROS-20250117-07

A vulnerability in the dmaengine component of the Linux operating system kernel is related to the transfer of private resources. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the powerpc/fixmap component of the Linux kernel is related to...

Vulnerabilities fixed in Fortinet FortiSwitch, FortiManager, FortiAnalyzer, FortiOS and FortiProxy

Fortinet has fixed vulnerabilities in FortiSwitch, FortiManager, FortiAnalyzer, FortiOS and FortiProxy. The vulnerabilities include hard-coded cryptographic keys, improper processing of OS commands, and out-of-bounds write and read errors. Attackers can exploit these vulnerabilities to gain...

CVE-2024-57894

...

CVE-2025-0343

Swift ASN.1 can be caused to crash when parsing certain BER/DER constructions. This crash is caused by a confusion in the ASN.1 library itself which assumes that certain objects can only be provided in either constructed or primitive forms, and will trigger a preconditionFailure if that constrain...

ROS-20250115-06

A vulnerability in the ocfs2 component of the Linux kernel is related to the dereferencing of a NULL pointer in the ocfs2fillsuper function in fs/ocfs2/super.c, toocfs2trigger, ocfs2dbfrozentrigger and ocfs2journalaccess in fs/ocfs2/journal.c. Exploitation of the vulnerability could allow an...

SUSE-SU-2025:0103-1 Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122201 fixes several issues. The following security issues were fixed: - CVE-2022-48686: Fixed UAF when detecting digest errors bsc1226337. - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. -...

CVE-2024-52898

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a local user to obtain sensitive information when a detailed technical error message is returned...

Security update for the Linux Kernel (Live Patch 53 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122194 fixes several issues. The following security issues were fixed: CVE-2022-48686: Fixed UAF when detecting digest errors bsc1226337. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956...