10270 matches found
UBUNTU-CVE-2022-50884
In the Linux kernel, the following vulnerability has been resolved: drm: Prevent drmcopyfield to attempt copying a NULL pointer There are some struct drmdriver fields that are required by drivers since drmcopyfield attempts to copy them to user-space via DRMIOCTLVERSION. But it can be possible th...
CVE-2025-15234
A weakness has been identified in Tenda M3 1.0.0.134903. Impacted is the function formSetRemoteInternetLanInfo of the file /goform/setInternetLanInfo. This manipulation of the argument portIp/portMask/portGateWay/portDns/portSecDns causes heap-based buffer overflow. It is possible to initiate the...
EUVD-2025-205699
A security flaw has been discovered in Tenda M3 1.0.0.134903. This issue affects the function formSetAdInfoDetails of the file /goform/setAdInfoDetail. The manipulation of the argument adName/smsPassword/smsAccount/weixinAccount/weixinName/smsSignature/adRedirectUrl/adCopyRight/smsContent/adItemU...
CVE-2025-15211
A flaw has been found in code-projects Refugee Food Management System 1.0. Impacted is an unknown function of the file /home/refugee.php. Executing manipulation of the argument refNo/Fname/Lname/sex/age/contact/nationalitynid can lead to sql injection. The attack can be executed remotely. The...
CVE-2025-50343
CVE-2025-50343 affects libmatio (MAT-file I/O library). A heap-based memory corruption can occur in Mat_VarCreateStruct() when nfields does not match the actual number of strings in the fields array, causing out-of-bounds reads and invalid memory frees during cleanup, potentially leading to a seg...
Frappe CRM 跨站脚本漏洞
Frappe CRM is a full-featured customer relationship management system from Frappe Open Source. A cross-site scripting vulnerability exists in Frappe CRM versions prior to 1.56.2, which stems from insufficient cleanup of specially crafted URLs in web site fields, and could lead to cross-site...
CVE-2025-68724
In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...
SUSE CVE-2025-68724
In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...
SUSE CVE-2025-68744
In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when update lru,percpuhash maps As lru,percpuhash maps support BPFKPTRREF,PERCPU, missing calls to 'bpfobjfreefields' in 'pcpucopyvalue' could cause the memory referenced by BPFKPTRREF,PERCPU fields to be...
Kentico Xperience HTML Injection Vulnerability
Kentico Xperience is a digital experience platform from Kentico. Kentico Xperience suffers from an HTML injection vulnerability that stems from the lack of valid filtering and escaping of user-supplied data in unencoded form fields, which can be exploited by an attacker to execute arbitrary web...
CVE-2018-25135
Anviz AIM CrossChex Standard 4.3.6.0 contains a CSV injection vulnerability that allows attackers to execute commands by inserting malicious formulas in user import fields. Attackers can craft payloads in fields like 'Name', 'Gender', or 'Position' to trigger Excel macro execution when importing...
CVE-2018-25135 Anviz AIM CrossChex Standard 4.3.6.0 CSV Injection via User Import
Anviz AIM CrossChex Standard 4.3.6.0 contains a CSV injection vulnerability that allows attackers to execute commands by inserting malicious formulas in user import fields. Attackers can craft payloads in fields like 'Name', 'Gender', or 'Position' to trigger Excel macro execution when importing...
EUVD-2025-205218
In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when update lru,percpuhash maps As lru,percpuhash maps support BPFKPTRREF,PERCPU, missing calls to 'bpfobjfreefields' in 'pcpucopyvalue' could cause the memory referenced by BPFKPTRREF,PERCPU fields to be...
AZL-73093 CVE-2025-68744 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when update lru,percpuhash maps As lru,percpuhash maps support BPFKPTRREF,PERCPU, missing calls to 'bpfobjfreefields' in 'pcpucopyvalue' could cause the memory referenced by BPFKPTRREF,PERCPU fields to be...
UBUNTU-CVE-2025-68744
In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when update lru,percpuhash maps As lru,percpuhash maps support BPFKPTRREF,PERCPU, missing calls to 'bpfobjfreefields' in 'pcpucopyvalue' could cause the memory referenced by BPFKPTRREF,PERCPU fields to be...
EUVD-2025-205073
In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...
CVE-2025-68744 bpf: Free special fields when update [lru_,]percpu_hash maps
In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when update lru,percpuhash maps As lru,percpuhash maps support BPFKPTRREF,PERCPU, missing calls to 'bpfobjfreefields' in 'pcpucopyvalue' could cause the memory referenced by BPFKPTRREF,PERCPU fields to be...
CVE-2025-68744
CVE-2025-68744 is a Linux kernel vulnerability affecting BPF maps. The issue arises from not freeing memory for BPF_KPTR_{REF,PERCPU} fields when updating certain lru_percpu_hash maps, potentially causing references to remain after map destruction. The root cause, as described in the initial CVE ...
CVE-2025-68744 bpf: Free special fields when update [lru_,]percpu_hash maps
In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when update lru,percpuhash maps As lru,percpuhash maps support BPFKPTRREF,PERCPU, missing calls to 'bpfobjfreefields' in 'pcpucopyvalue' could cause the memory referenced by BPFKPTRREF,PERCPU fields to be...
Unsound APIs of public `constant::Reader` and `StructSchema`
The safe API functions constant::Reader::get and StructSchema::new rely on PointerReader::getrootunchecked, which can cause undefined behavior UB by constructing arbitrary words or schemas. Reader::get rust pub fn get&self - Result::Reader // ... // UNSAFE: access words without validation...