902 matches found
AiOPMSD Final SQL注入漏洞
AiOPMSD Final is a video stream download tool developed by AiOPMSD Corporation. Version 1.0.0 of AiOPMSD Final contains a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the q parameter, which may allow unauthenticated attackers to execute arbitrary SQ...
AiOPMSD Final SQL注入漏洞
AiOPMSD Final is a video stream download tool developed by AiOPMSD Corporation. Version 1.0.0 of AiOPMSD Final contains a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the year parameter, potentially allowing unauthenticated attackers to execute...
AiOPMSD Final SQL注入漏洞
AiOPMSD Final is a video stream download tool developed by AiOPMSD Corporation. Version 1.0.0 of AiOPMSD Final contains a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the “country” parameter, which may allow unauthenticated attackers to execute...
AiOPMSD Final SQL注入漏洞
AiOPMSD Final is a video stream download tool developed by AiOPMSD Corporation. Version 1.0.0 of AiOPMSD Final contains a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the actor parameter, potentially allowing unauthenticated attackers to execute...
AiOPMSD Final SQL注入漏洞
AiOPMSD Final is a video stream download tool developed by AiOPMSD Corporation. Version 1.0.0 of AiOPMSD Final contains a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the id parameter, potentially allowing unauthenticated attackers to execute...
AiOPMSD Final SQL注入漏洞
AiOPMSD Final is a video stream download tool developed by AiOPMSD Corporation. Version 1.0.0 of AiOPMSD Final contains a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the ‘genre’ parameter, which may allow unauthenticated attackers to execute...
Linux Distros Unpatched Vulnerability : CVE-2026-45927
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Require frozen map for calculating map hash Currently, bpfmapgetinfobyfd calculates and...
SUSE CVE-2026-46053
In the Linux kernel, the following vulnerability has been resolved: net: rds: fix MR cleanup on copy error rdsrdmamap hands sg/pages ownership to the transport after getmr succeeds. If copying the generated cookie back to user space fails after that point, the error path must not free those...
EUVD-2026-32282
In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - fix a memory leak in ccmacdigest Add ccunmapresult if ccmaphashrequestfinal fails to prevent potential memory leak...
CVE-2026-45986
In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - fix a memory leak in ccmacdigest Add ccunmapresult if ccmaphashrequestfinal fails to prevent potential memory leak...
CVE-2026-46102 net: strparser: fix skb_head leak in strp_abort_strp()
In the Linux kernel, the following vulnerability has been resolved: net: strparser: fix skbhead leak in strpabortstrp When the stream parser is aborted, for example after a message assembly timeout, it can still hold a reference to a partially assembled message in strp-skbhead. That skb is not...
EUVD-2026-32435
In the Linux kernel, the following vulnerability has been resolved: net: rds: fix MR cleanup on copy error rdsrdmamap hands sg/pages ownership to the transport after getmr succeeds. If copying the generated cookie back to user space fails after that point, the error path must not free those...
CVE-2026-46053 net: rds: fix MR cleanup on copy error
In the Linux kernel, the following vulnerability has been resolved: net: rds: fix MR cleanup on copy error rdsrdmamap hands sg/pages ownership to the transport after getmr succeeds. If copying the generated cookie back to user space fails after that point, the error path must not free those...
CVE-2026-45986
The CVE-2026-45986 issue affects the Linux kernel crypto/ccree path, specifically a memory leak in cc_mac_digest. The root cause is a path where cc_map_hash_request_final() failures could leave memory unreleased; the fix adds cc_unmap_result() to prevent leaks. The vulnerability is locally exploi...
PT-2026-43853
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A memory leak exists in the cc mac digest function within the ccree crypto component. This occurs when cc map hash request...
PT-2026-43920
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Reliable Datagram Sockets RDS implementation of the Linux kernel. In the rds rdma map function, memory region MR ownership of scatter-gather lists and pages is...
Linux Distros Unpatched Vulnerability : CVE-2026-46065
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbdev: defio: Disconnect deferred I/O from the lifetime of struct fbinfo Hold state of deferred I/O in struct fbdeferrediostate. Allocate an instance as part of...
Insecure Randomness
Overview Affected versions of this package are vulnerable to Insecure Randomness due to the HKDFexpand and EVPHPKECTXexport functions returning a zero-filled byte array on failure, which is then used as key material for AEAD encryption. An attacker can predict and exploit the deterministic,...
Insecure Randomness
Overview Affected versions of this package are vulnerable to Insecure Randomness due to the HKDFexpand and EVPHPKECTXexport functions returning a zero-filled byte array on failure, which is then used as key material for AEAD encryption. An attacker can predict and exploit the deterministic,...
Unity Linux 20.1070e Security Update: undertow (UTSA-2026-016708)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016708 advisory. A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker t...