26 matches found
CVE-2026-23761 VB-Audio Voicemeeter & Matrix Drivers DoS via Improper FILE_OBJECT FsContext Initialization
VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively, as well as VB-Audio Matrix and Matrix Coconut versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively, contain a vulnerability in their virtual aud...
Important: apache-commons-vfs
Issue Overview: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing the original URI in its message, which may include a password. The fix is to mask the password in the...
UBUNTU-CVE-2025-30474
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing the original URI in its message, which may include a password. The fix is to mask the password in the exception messag...
CVE-2025-30474
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing the original URI in its message, which may include a password. The fix is to mask the password in the exception messag...
HL7 FHIR Partial Path Zip Slip due to bypass of CVE-2023-24057
Impact Zip Slip protections implemented in CVE-2023-24057 GHSA-jqh6-9574-5x22 can be bypassed due a partial path traversal vulnerability. This issue allows a malicious actor to potentially break out of the TerminologyCacheManager cache directory. The impact is limited to sibling directories. To...
tracker bug fix update
An update is available for tracker. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Tracker is a powerful desktop-neutral first class object database, tag and...
SUSE-SU-2022:2083-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP4 kernel was updated. The following security bugs were fixed: - CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. bsc1199650 - CVE-2022-21123: Fixed a stale MMIO data...
Plone Filesystem path information leak
Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initialized in class scope...
Puppet Denial of Service and Arbitrary File Write
A vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys to 1 cause a denial of service memory consumption via a REST request to a stream that triggers...
AlmaLinux 8 : kernel (ALSA-2021:5227)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:5227 advisory. - A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user...
Race condition
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system...
CVE-2021-20321
CVE-2021-20321 is a race-condition vulnerability in the Linux kernel OverlayFS subsystem affecting how file renames are performed, potentially allowing a local attacker to crash the system via OverlayFS misuse. Connected advisories corroborate that the issue resides in OverlayFS file object handl...
CVE-2021-20321
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system...
CVE-2021-20321
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system...
Important: kernel
Issue Overview: A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueueadd function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the...
CVE-2021-20321
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system...
Microsoft Windows - 'nt!NtQueryObject (ObjectNameInformation)' Kernel Pool Memory Disclosure
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1303&desc=2 We have discovered that the nt!NtQueryObject syscall handler discloses portions of uninitialized pool memory to user-mode clients when the following conditions are met: a It is invoked with the ObjectNameInformation...
Hyper-V hosts crash in csvfs.sys in Windows Server 2012 R2
Hyper-V hosts crash in csvfs.sys in Windows Server 2012 R2 Symptoms Windows Server 2012 R2 Hyper-V hosts may crash in the csvfs.sys file process when you perform backup with certain backup applications. Cause This issue occurs if a backup solution sends the CsvControlQueryFileRevision request on ...
CVE-2013-7060
Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initialized in class scope...
Design/Logic Flaw
Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initialized in class scope...