CVE-2025-2176

A vulnerability classified as critical has been found in libzvbi up to 0.2.43. This affects the function vbicapturesimloadcaption of the file src/io-sim.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

CVE-2025-2173

A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has...

CVE-2025-2174

A vulnerability was found in libzvbi up to 0.2.43. It has been declared as problematic. Affected by this vulnerability is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to integer overflow. The attack can be launched remotely. The exploit...

CVE-2025-27518

CVE-2025-27518 affects Cognita (the RAG framework) backend server. The issue is an insecure CORS configuration that allows arbitrary websites to send cross-site requests to the Cognita application. Root cause: misconfigured CORS on the backend. Reported impact is that cross-origin requests could ...

CVE-2022-49501

In the Linux kernel, the following vulnerability has been resolved: usbnet: Run unregisternetdev before unbind again Commit 2c9d6c2b871d "usbnet: run unbind before unregisternetdev" sought to fix a use-after-free on disconnect of USB Ethernet adapters. It turns out that a different fix is necessa...

UBUNTU-CVE-2024-45403

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When h2o is configured as a reverse proxy and HTTP/3 requests are cancelled by the client, h2o might crash due to an assertion failure. The crash can be exploited by an attacker to mount a Denial-of-Service attack. By default, th...

CVE-2024-45017

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix IPsec RoCE MPV trace call Prevent the call trace below from happening, by not allowing IPsec creation over a slave, if master device doesn't support IPsec. WARNING: CPU: 44 PID: 16136 at kernel/locking/rwsem.c:240...

CVE-2023-52911

In the Linux kernel, the following vulnerability has been resolved: drm/msm: another fix for the headless Adreno GPU Fix another oops reproducible when rebooting the board with the Adreno GPU working in the headless mode e.g. iMX platforms. Unable to handle kernel NULL pointer dereference at...

CVE-2024-43867 drm/nouveau: prime: fix refcount underflow

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveauboref on a nouveaubo without initializing it and hence the backing ttmbo leads to a refcount underflow. Instead of calling nouveauboref in the unwind path of...

CVE-2024-42081

CVE-2024-42081 affects the Linux kernel component drm/ xe/ xe_devcoredump. The root cause was assigning xe_devcoredump_snapshot* and xe_device* unconditionally; the fix adds a NULL check and only assigns these pointers when coredump is not NULL. CVSS: Low-Privilege Local access with Medium overal...

CVE-2024-41024

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-41119

The CVE-2024-41119 entry concerns streamlit-geospatial. Affected component: the page 8_🏜️_Raster_Data_Visualization.py where the vis_params parameter accepts user input that is later used in eval(), enabling remote code execution prior to the fix (commit c4f81d9616d40c60584e36abb15300853a66e489). ...

PT-2024-28724 · Unknown +1 · Ruby On Rails +1

Name of the Vulnerable Software and Affected Versions: Haven blog web application affected versions not specified Description: A command injection vulnerability was found in the IndieAuth functionality of the Ruby on Rails based Haven blog web application. The affected functionality requires...

CVE-2024-32657 Hydra has persistent XSS vulnerability serving HTML build outputs

Hydra is a Continuous Integration service for Nix based projects. Attackers can execute arbitrary code in the browser context of Hydra and execute authenticated HTTP requests. The abused feature allows Nix builds to specify files that Hydra serves to clients. One use of this functionality is...

PT-2024-24749 · Hydra · Hydra

Name of the Vulnerable Software and Affected Versions: Hydra versions prior to the fix commit applied around 2024-04-21 14:30 UTC Description: Hydra, a Continuous Integration service for Nix-based projects, has an issue that allows attackers to execute arbitrary code in the browser context and...

Path traversal

Engrampa is an archive manager for the MATE environment. Engrampa is found to be vulnerable to a Path Traversal vulnerability that can be leveraged to achieve full Remote Command Execution RCE on the target. While handling CPIO archives, the Engrampa Archive manager follows symlink, cpio by defau...

GHSA-4JWQ-572W-4388 Memory over-allocation in evm crate

Impact Prior to the patch, when executing specific EVM opcodes related to memory operations that use evmcore::Memory::copylarge, the crate can over-allocate memory when it is not needed, making it possible for an attacker to perform denial-of-service attack. Patches The flaw was corrected in comm...

PT-2024-18975 · Otclient · Otclient

Name of the Vulnerable Software and Affected Versions: OTCLient versions prior to commit db560de0b56476c87a2f967466407939196dd254 Description: The issue concerns an expression injection vulnerability in the /mehah/otclient "Analysis - SonarCloud" workflow, allowing an attacker to run commands...

PT-2023-31505 · H2O · H2O

Name of the Vulnerable Software and Affected Versions: h2o versions 2.3.0-beta and prior Description: The QUIC stack, as used by h2o, is susceptible to a state exhaustion attack. When h2o is serving HTTP/3, a remote attacker can exploit this vulnerability to progressively increase the memory...

GHSA-2FR7-CC7P-P45Q Data leak of password hash through change requests

Impact Change request allows to edit any page by default, and the changes are then exported in an XML that anyone can download. So it's possible for an attacker to obtain password hash of users by performing edition of the user profiles and then downloading the XML that has been created. This is...