559 matches found

BDU FSTEC
added 2025/06/10 12:0 a.m. · 1 views

The vulnerability of the Polarion ALM application lifecycle management software lies in its inability to properly handle incoming requests, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of the Polarion ALM application lifecycle management software is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVSS 5.3 · AI score 5.5 · EPSS 0.0017
Exploits: 0 · References: 2 · Affected Software: 1

CNNVD
added 2025/06/06 12:0 a.m. · 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of locking in io_uring_show_fdinfo, which could result in reading inconsistent SQE fields...

CVSS 5.5 · AI score 8 · EPSS 0.00072
Exploits: 1 · References: 2

BDU FSTEC
added 2025/05/29 12:0 a.m. · 1 views

The vulnerability of the SimpleOne ITSM automation system allows an attacker to carry out an attack using brute-force methods.

The vulnerability of the SimpleOne ITSM automation system is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability allows a malicious actor to carry out an attack using brute-force methods...

CVSS 5.3 · AI score 5.4
Exploits: 0

RedhatCVE
added 2025/05/22 4:52 a.m. · 4 views

CVE-2019-18936

UniValue::read in UniValue before 1.0.5 allows attackers to cause a denial of service (the class internal data reaches an inconsistent state) via input data that triggers an error...

CVSS 7.5 · AI score 6.7 · EPSS 0.00433
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 1:2 a.m. · 9 views

CVE-2015-20001

In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which can result in a memory...

CVSS 7.5 · AI score 7 · EPSS 0.00274
Exploits: 1 · References: 1

RedHat Linux
added 2025/05/13 8:28 a.m. · 3 views

kernel: ppp: do not assume bh is held in ppp_channel_bridge_input()

In the Linux kernel, the following vulnerability has been resolved: ppp: do not assume bh is held in ppp_channel_bridge_input(). Networking receive path is usually handled from BH handler. However, some protocols need to acquire the socket lock, and packets might be stored in the socket backlog is the...

CVSS 5.5 · AI score 6.4 · EPSS 0.00013
Exploits: 0 · References: 5

Cvelist
added 2025/05/01 2:9 p.m. · 16 views

CVE-2022-49765 net/9p: use a dedicated spinlock for trans_fd

In the Linux kernel, the following vulnerability has been resolved: net/9p: use a dedicated spinlock for trans_fd. Shamelessly copying the explanation from Tetsuo Handa's suggested patch[1] (slightly reworded): syzbot is reporting inconsistent lock state in p9_req_put()[2], for p9_tag_remove() from p9_req_put() from...

EPSS 0.00144
Exploits: 0 · References: 3

Positive Technologies
added 2025/05/01 12:0 a.m. · 3 views

PT-2025-18482 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability has been resolved in the Linux kernel, specifically in the net/9p module. The issue involves inconsistent lock state in the p9_req_put function, which can be caused by...

AI score 5 · EPSS 0.00144
Exploits: 0 · References: 15

CNNVD
added 2025/05/01 12:0 a.m. · 1 views

Node.js security vulnerability

Node.js is an open source, cross-platform JavaScript runtime environment from the Node.js open source project. A security vulnerability exists in Node.js that stems from an inconsistent off_t size, which could lead to out-of-bounds access...

CVSS 6.5 · AI score 7 · EPSS 0.00186
Exploits: 0 · References: 7

CNNVD
added 2025/04/18 12:0 a.m. · 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an overly strict skbprio queue assertion that could lead to an inconsistent state...

CVSS 5.5 · AI score 6.4 · EPSS 0.00009
Exploits: 0 · References: 10

CNNVD
added 2025/04/18 12:0 a.m. · 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unwaiting barrier processing NOWAIT discard request that could lead to an inconsistent state...

CVSS 5.5 · AI score 6.3 · EPSS 0.00042
Exploits: 0 · References: 3

CVE
added 2025/04/16 2:13 p.m. · 104 views

CVE-2025-23135

The CVE-2025-23135 issue is in the Linux kernel for RISC-V KVM teardown. The root cause is an ordering flaw during module removal: aia_exit is invoked before kvm_exit, which can leave IRQ state inconsistent (percpu IRQ 31 still enabled) and prevent the KVM module from re-insertion. The published ...

CVSS 5.5 · AI score 6.3 · EPSS 0.00091
Exploits: 0 · References: 3 · Affected Software: 1

BDU FSTEC
added 2025/04/16 12:0 a.m. · 1 views

The vulnerability of the lua-nginx-module in NGINX web servers, related to inconsistent interpretation of HTTP requests, allows attackers to send hidden HTTP requests (HTTP Request Smuggling attack).

The vulnerability of the lua-nginx-module in NGINX web servers is related to inconsistent interpretation of HTTP requests. Exploiting this vulnerability allows a malicious actor to send hidden HTTP requests (a type of HTTP Request Smuggling attack)...

CVSS 7.5 · AI score 7.2 · EPSS 0.00824
Exploits: 1 · References: 4

BDU FSTEC
added 2025/04/12 12:0 a.m. · 1 views

The vulnerability of the Mendix Runtime environment, related to inconsistencies in responses to incoming requests, allows attackers to disclose sensitive information.

The vulnerability of Mendix Runtime is related to inconsistencies in responses to incoming requests. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

CVSS 5.3 · AI score 5.9 · EPSS 0.004
Exploits: 0 · References: 2 · Affected Software: 1

Snyk
added 2025/04/09 12:30 p.m. · 1 views

Improper Input Validation

Overview: org.apache.poi:poi-ooxml is a Java API To Access Microsoft Format Files. Affected versions of this package are vulnerable to Improper Input Validation due to the parsing process of OOXML format files. An attacker can manipulate the file content by adding zip entries with duplicate names,...

CVSS 6.9 · AI score 6.7 · EPSS 0.00521
Exploits: 0 · References: 2

OSV
added 2025/03/20 12:32 p.m. · 4 views

GHSA-8VGW-P6QM-5GR7 Flask-CORS allows for inconsistent CORS matching

A vulnerability in corydolphin/flask-cors version 5.0.1 allows for inconsistent CORS matching due to the handling of the '+' character in URL paths. The request.path is passed through the unquote_plus function, which converts the '+' character to a space ' '. This behavior leads to incorrect path...

CVSS 5.3 · AI score 5.4 · EPSS 0.0011
Exploits: 1 · References: 6

Vulnrichment
added 2025/03/20 10:10 a.m. · 5 views

CVE-2024-6844 Inconsistent CORS Matching Due to Handling of '+' in URL Path in corydolphin/flask-cors

A vulnerability in corydolphin/flask-cors version 4.0.1 allows for inconsistent CORS matching due to the handling of the '+' character in URL paths. The request.path is passed through the unquote_plus function, which converts the '+' character to a space ' '. This behavior leads to incorrect path...

CVSS 5.3 · AI score 5.5 · EPSS 0.0011
Exploits: 1 · References: 1

CVE
added 2025/03/20 10:10 a.m. · 185 views

CVE-2024-6844

CVE-2024-6844 affects the package corydolphin/flask-cors (reported as 4.0.1). The issue arises from how URL path '+' characters are handled: request.path is passed through unquote_plus, which converts '+' to a space. This causes incorrect path normalization and mismatches between requested paths ...

CVSS 5.3 · AI score 5.5 · EPSS 0.0011
Exploits: 1 · References: 2 · Affected Software: 1

CNNVD
added 2025/03/12 12:0 a.m. · 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from inconsistent handling of zswap store page failures, which could lead to memory corruption...

CVSS 3.3 · AI score 4 · EPSS 0.0003
Exploits: 0 · References: 3

RedHat Linux
added 2025/03/10 6:17 a.m. · 8 views

firefox: Inconsistent comparator in XSLT sorting led to out-of-bounds access

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access...

CVSS 8.1 · AI score 7.3 · EPSS 0.00219
Exploits: 0 · References: 7