CVE-2022-50017

In the Linux kernel, the following vulnerability has been resolved: mips: cavium-octeon: Fix missing ofnodeput in octeon2usbclocksstart We should call ofnodeput for the reference 'uctlnode' returned by ofgetparent which will increase the refcount. Otherwise, there will be a refcount leak bug...

CVE-2022-49941

...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing cleanup helper function call, which could lead to a resource leak...

SAP S/4HANA 安全漏洞

SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system from SAP, Germany. A security vulnerability exists in SAP S/4HANA that stems from insufficient authorization checking, which could lead to the creation of RFC targets and the assignment of...

The vulnerability of the functional module of the RFC interface of the software tool for managing changes and migrations in SAP Landscape Transformation (SLT) allows a attacker to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the functional module of the RFC interface of the software tool for managing changes and migrations in SAP Landscape Transformation SLT is related to improper code generation. Exploiting this vulnerability can allow an attacker to influence the confidentiality, integrity, and...

CVE-2025-37999 fs/erofs/fileio: call erofs_onlinefolio_split() after bio_add_folio()

In the Linux kernel, the following vulnerability has been resolved: fs/erofs/fileio: call erofsonlinefoliosplit after bioaddfolio If bioaddfolio fails because it is full, erofsfileioscanfolio needs to submit the I/O request via erofsfileiorqsubmit and allocate a new I/O request with an empty stru...

CVE-2025-48370

CVE-2025-48370 affects the auth-js library (Supabase Auth). Before 2.69.1, functions getUserById, deleteUser, updateUserById, listFactors and deleteFactor did not require UUIDs for user-controlled inputs, enabling potential URL path traversal and invocation of the wrong API function. The issue ta...

CVE-2024-8936

CWE-20: Improper Input Validation vulnerability exists that could lead to loss of confidentiality of controller memory after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call used to tamper with memory...

CVE-2024-8937

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in the...

CVE-2023-47456

Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub455D4, called by function fromSetWirelessRepeat...

CVE-2022-44315

PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionAssign function in expression.c when called from ExpressionParseFunctionCall...

CVE-2020-23546

IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981...

CVE-2011-3350

masqmail 0.2.21 through 0.2.30 improperly calls seteuid in src/log.c and src/masqmail.c that results in improper privilege dropping...

CVE-2025-47691 WordPress Ultimate Member plugin <= 2.10.3 - Arbitrary Function Call vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Ultimate Member Ultimate Member ultimate-member allows Code Injection.This issue affects Ultimate Member: from n/a through = 2.10.3...

CVE-2025-47691 WordPress Ultimate Member plugin <= 2.10.3 - Arbitrary Function Call vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Ultimate Member Ultimate Member allows Code Injection. This issue affects Ultimate Member: from n/a through 2.10.3...

SUSE CVE-2022-49837

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in checkfunccall kmemleak reports this issue: unreferenced object 0xffff88817139d000 size 2048: comm "testprogs", pid 33246, jiffies 4307381979 age 45851.820s hex dump first 32 bytes: 01 00 00 00 00 00 00 00...

CVE-2022-49837

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in checkfunccall kmemleak reports this issue: unreferenced object 0xffff88817139d000 size 2048: comm "testprogs", pid 33246, jiffies 4307381979 age 45851.820s hex dump first 32 bytes: 01 00 00 00 00 00 00 00...

DEBIAN-CVE-2022-49837

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in checkfunccall kmemleak reports this issue: unreferenced object 0xffff88817139d000 size 2048: comm "testprogs", pid 33246, jiffies 4307381979 age 45851.820s hex dump first 32 bytes: 01 00 00 00 00 00 00 00...

UBUNTU-CVE-2022-49837

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in checkfunccall kmemleak reports this issue: unreferenced object 0xffff88817139d000 size 2048: comm "testprogs", pid 33246, jiffies 4307381979 age 45851.820s hex dump first 32 bytes: 01 00 00 00 00 00 00 00...

CVE-2022-49837

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in checkfunccall kmemleak reports this issue: unreferenced object 0xffff88817139d000 size 2048: comm "testprogs", pid 33246, jiffies 4307381979 age 45851.820s hex dump first 32 bytes: 01 00 00 00 00 00 00 00...