23700 matches found
CVE-2018-25377
Flash Slideshow Maker Professional 5.20 is affected by a buffer overflow in the registration dialog (Help > Register). The underlying cause involves structured exception handling (SEH), enabling a local attacker to craft a malicious payload and paste it into the Name and Code fields, potential...
PT-2026-43229
Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload and paste it into the Name and Code fields of the...
SocuSoft Flash Slideshow Maker Professional 安全漏洞
SocuSoft Flash Slideshow Maker Professional is a slideshow maker software from SocuSoft. A security vulnerability exists in SocuSoft Flash Slideshow Maker Professional version 5.20, which originates from a buffer overflow in the registration dialog box that could allow a local attacker to execute...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: compress: fixed to avoid a use-after-free condition on dic. Call trace: memcpy+0x128/0x250 f2fsreadmultipages+0x940/0xf7c f2fsmpagereadpages+0x5a8/0x624 f2fsreadahead+0x5c/0x110 pagecacheraunbounded+0x1b8/0x590...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed scheduling issues during atomic decompression operations 16.945668 C0 Call trace: 16.945678 C0 dumpbacktrace+0x110/0x204 16.945706 C0 dumpstacklvl+0x84/0xbc 16.945735 C0 schedulebug+0xb8/0x1ac 16.945756 C0...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed by removing the unnecessary f2fsbugon function to avoid panics. The verifyblkaddr function will trigger a panic once we introduce a fault into f2fsisvalidblkaddr; this unnecessary f2fsbugon function has been remove...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Media: v4l: async: Fixed a NULL pointer dereferencing issue in the process of creating auxiliary links. In v4l2asynccreateancillarylinks, auxiliary links are created for lens and flash sub-devices. These are links between...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hexadecimal numbers or similar elements. However,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mtd: inftlcore: Error checking for inftlreadoob has been added. In INFTLfindwriteunit, the return value of inftlreadoob needs to be checked. A proper implementation can be found in INFTLdeleteblock. The status will be set to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: The WARNONONCE call has been removed from ufshcduiccmdcompl. The UIC completion interrupt may be disabled while a UIC command is being processed. When the UIC completion interrupt is re-enabled, a UIC interrupt i...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove the SCSI host only if it has been added. If the host attempts to remove the ufshcd driver from a UFS device, a kernel panic will occur if the ufshcdasyncscan function fails during ufshcdprobehba. This issu...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the sanity check on the destination blkaddr during recovery. As Wenqing Liu reported in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 loop5: detected a change in capacity from 0 to 131072. F2FS-fs...
CVE-2025-61081
...
编号撤回
BYD Atto3 is a pure electric compact SUV produced by BYD Corporation of China. The BYD Atto3 has a security vulnerability. This vulnerability allows attackers to obtain permanently valid authentication keys through brute-force attacks, enabling them to perform flash memory operations on the ECUs...
EUVD-2025-209899
In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Break EPB and Supplemental Restoration System SRS related ECUs...
SUSE CVE-2026-43415
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix SError in ufshcdrtcwork during UFS suspend In ufshcdwlsuspend, canceldelayedworksync is called to cancel the UFS RTC work, but it is placed after ufshcdvopssuspendhba, pmop, POSTCHANGE. This creates a race...
CVE-2026-31254
The flash-attention project thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 2025-13-04 contains a code injection vulnerability CWE-94 in its training script. The script registers the Python eval function as a Hydra configuration resolver under the name eval. This allows configuration files t...
SUSE CVE-2025-71299
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing The recent refactoring of where runtime PM is enabled done in commit f1eb4e792bb1 "spi: spi-cadence-quadspi: Enable pm runtime earlier to avoid imbalance"...
GHSA-7G5W-PQ96-8C5W flash-attention contains an insecure deserialization vulnerability in its checkpoint loading mechanism
The flash-attention training framework thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 2025-13-04 contains an insecure deserialization vulnerability CWE-502 in its checkpoint loading mechanism. The loadcheckpoint function in checkpoint.py and the checkpoint loading code in eval.py use...
aigco (=0.0.3), airoboros (>=2.1.6 <=2.2.1) +81 more potentially affected by CVE-2026-31253 via flash-attn (>=0.2.8 <=2.8.3)
flash-attn PYPI version =0.2.8, =2.1.6, =1.1.2, =0.0.0.dev0, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.1.3, =0.1.0, =0.0.7rc14, =0.0.1, =0.0.8 and more Source cves: CVE-2026-31253 Source advisory: OSV:GHSA-7G5W-PQ96-8C5W...