Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that is caused by a logic error in multiple locations. An attacker can exploit the vulnerability to cause a local privilege escalation...

ROS-20250121-11

A vulnerability in the QTextLayout component of the cross-platform software development framework Qt is related to buffer copying without input validation. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service using a specially crafted file SVG A...

CVE-2025-24013 CodeIgniter validation of header name and value

CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers with Header class. This could disrupt application functionality, potentially causing errors or...

The vulnerability of the Session Token Handler component of the software platform based on Git for collaborative code development on GitLab allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Session Token Handler component in the Git-based software development platform, which is used for collaborative code development on GitLab, is related to context switching errors during privilege handling. Exploiting this vulnerability can allow an attacker, operating...

Shiprocket Module 3 on OpenCart 安全漏洞

Shiprocket Module 3 on OpenCart is a shipping module from Shiprocket. A security vulnerability exists in Shiprocket Module 3 on OpenCart v3, which stems from the parameter contentHash in the file /index.php?route=extension/module/restapi&action=getOrders that can lead to authorization errors...

PT-2025-4853 · Unknown · Cosmos-Server

Name of the Vulnerable Software and Affected Versions: Cosmos-Server versions prior to 0.17.7 Description: The Cosmos-Server software has a user enumeration issue due to the error code returned during login, allowing an attacker to determine if a user exists in the database by monitoring the erro...

CVE-2024-57929 dm array: fix releasing a faulty array block twice in dm_array_cursor_end

In the Linux kernel, the following vulnerability has been resolved: dm array: fix releasing a faulty array block twice in dmarraycursorend When dmbmreadlock fails due to locking or checksum errors, it releases the faulty block implicitly while leaving an invalid output pointer behind. The caller ...

CVE-2024-57929

CVE-2024-57929 : In the Linux kernel, the vulnerability stems from dm-array: when dm_bm_read_lock() fails, a faulty dm_block pointer can be left behind, leading to a double release in dm_array_cursor_end() and a subsequent BUG_on in dm-bufio. The fix (as described in the CVE text) sets the cached...

CVE-2025-21633

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-21633

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-21633

...

CVE-2025-21633

...

CVE-2025-21633

CVE-2025-21633 appears in multiple advisories as part of the Linux kernel fixes: MiracleLinux AXSA:2025-10431:39 for kernel 5.14.0-570.16.1.el9_6 (remote kernel io_uring sqpoll path) and is listed among kernels in Rocky Linux 10, AlmaLinux 9/10, RHEL 9/10/Oracle Linux advisories. The described is...

CVE-2025-21633

Removed by vendor...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the netfsreadtopagecache function not properly decreasing the -nroutstanding count when handling errors,...

ROS-20250117-07

A vulnerability in the dmaengine component of the Linux operating system kernel is related to the transfer of private resources. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the powerpc/fixmap component of the Linux kernel is related to...

The vulnerability of the Ivanti EPM endpoint management software, related to errors in verifying the cryptographic signature, allows a hacker to execute remote code.

The vulnerability of the Ivanti EPM endpoint management software is related to errors in checking the cryptographic signature. Exploiting this vulnerability could allow a perpetrator to execute remote code...

The vulnerability in the implementation of the Secure Boot protocol for Windows operating systems allows attackers to disclose sensitive information that is protected by this security mechanism.

The vulnerability of the Secure Boot secure bootloading protocol for the Windows operating system is related to access control errors. Exploiting this vulnerability could allow a perpetrator to disclose protected information...

The vulnerability of the Active Directory Domain Services service on the Windows operating system allows a perpetrator to elevate their privileges to a system-level level.

The vulnerability of the Active Directory Domain Services service on the Windows operating system is related to access control errors. Exploiting this vulnerability can allow a malicious actor to elevate their privileges to a system-level level...

The vulnerability of Dell PowerScale InsightIQ software for performance monitoring and reporting, related to context switching errors during privilege escalation, allows a perpetrator to elevate their privileges to the root level.

The vulnerability of the Dell PowerScale InsightIQ software for performance monitoring and reporting is related to context switching privilege errors. Exploiting this vulnerability could allow an attacker to elevate their privileges to the root level...