Tenda AC8 Buffer Overflow Vulnerability (CNVD-2025-09221)

Tenda AC8 is a wireless router from Tenda, a Chinese company. Tenda AC8 suffers from a buffer overflow vulnerability, which originates from the urls parameter of the getparentControllistInfo function, which contains a buffer overflow vulnerability that can be exploited by an attacker to cause a...

CVE-2022-49322 tracing: Fix sleeping function called from invalid context on RT kernel

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix sleeping function called from invalid context on RT kernel When setting bootparams="traceevent=initcall:initcallstart tpprintk=1" in the cmdline, the outputprintk was called, and the spinlockirqsave was called in the...

CVE-2022-49242 ASoC: mxs: Fix error handling in mxs_sgtl5000_probe

In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fix error handling in mxssgtl5000probe This function only calls ofnodeput in the regular path. And it will cause refcount leak in error paths. For example, when codecnp is NULL, saifnp0 and saifnp1 are not NULL, it wil...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the tcprtxsynack function that may be called in a process environment, resulting in a statistic function err...

UBUNTU-CVE-2025-26598

An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching...

IBM Java 7.1 < 7.1.5.24 / 8.0 < 8.0.8.35

The version of IBM Java installed on the remote host is 7.1 prior to 7.1.5.24 / 8.0 prior to 8.0.8.35. It is, therefore, affected by a vulnerability as referenced in the IBM Security Update December 2024 advisory. - In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may...

CVE-2024-50211

In the Linux kernel, the following vulnerability has been resolved: udf: refactor inodebmap to handle error Refactor inodebmap to handle error since udfnextaext can return error now. On situations like ftruncate, udfextendfile can now detect errors and bail out early without resorting to checking...

CVE-2024-46674 usb: dwc3: st: fix probed platform device ref count on probe error path

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: st: fix probed platform device ref count on probe error path The probe function never performs any paltform device allocation, thus error path "undoplatformdevalloc" is entirely bogus. It drops the reference count from...

DEBIAN-CVE-2024-26647

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix late derefrence 'dsc' check in 'linksetdscppspacket' In linksetdscppspacket, 'struct displaystreamcompressor dsc' was dereferenced in a DCLOGGERINITdsc-ctx-logger; before the 'dsc' NULL pointer check. Fixes t...

MuPDF Number Error Vulnerability

MuPDF is MuPDF open source a free and open source software library written in C . Used to render pages as bitmaps, but also provides support for other operations such as searching and listing directories and links. A numeric error vulnerability exists in MuPDF version 1.23.4 due to a floating poi...

CVE-2023-31974

yasm v1.3.0 was discovered to contain a use after free via the function error at /nasm/nasm-pp.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy...

THE FUNCTION LOGIC OF _REMOVEFEEDER() IS FLAWED

Lines of code Vulnerability details Impact When the admin calls removeFeeder, it will internally call removeFeeder that will have the feeder removed from feeders before getting its UPDATEROLE revoked. In the midst of doing this, the protocol forgets to update index of feederPositionMap belonging ...

Upgraded Q -> M from #38 [1669737057849]

Judge has assessed an item in Issue 38 as M risk. The relevant finding follows: 6. require check will always be false!! the require check will always be false so it the function will not do what it was designed to do and it will always revert Unnecessary update to same status...

PT-2022-33996 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.140 Description: The issue is related to an error exit in the privcmd ioctl dm op function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

CVE-2022-25324

All versions of package bignum are vulnerable to Denial of Service DoS due to a type-check exception in V8, when verifying the type of the second argument to the .powm function, V8 will crash regardless of Node try/catch blocks...

Rust Resource Management Error Vulnerability (CNVD-2021-31920)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in through crate for Rust 2021-02-18 and earlier versions, which stems from a double release in the map function. No details of the vulnerability are provided at...

MGASA-2021-0025 Updated php packages fix security vulnerability

FILTERVALIDATEURL accepts URLs with invalid userinfo CVE-2020-7071. streamgetcontents fails with maxlength=-1 or default. See upstream releasenotes for other changes...

Mozilla Rust Input Validation Error Vulnerability (CNVD-2021-30572)

Rust is a general-purpose, compiled programming language. An input validation error vulnerability exists in Mozilla Rust version 0.6.2, which stems from a failure to check the array size when pair is executed in the Chunk implementation. No details of the vulnerability are available at this time...

CVE-2019-6462

An issue was discovered in cairo 1.16.0. There is an infinite loop in the function arcerrornormalized in the file cairo-arc.c, related to arcmaxanglefortolerancenormalized...

PT-2018-13961 · Videolan · Libmp4V2

Name of the Vulnerable Software and Affected Versions: libmp4v2 version 2.1.0 Description: The issue arises from the function MP4Free in mp4property.cpp, which internally calls free on an invalid pointer. This results in a SIGABRT signal being raised. Recommendations: For libmp4v2 version 2.1.0,...