34 matches found
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the getKnowledgeBaseForInitialization function. An attacker can gain unauthorized access to knowledge base data and potentially modify or disrupt information by manipulating the kbId...
CVE-2025-29338
NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the modpara parameter in the woalinitmoduleparam function...
Astra Linux - уязвимость в opensc
The gemsafe GPK smart card software driver in OpenSC before version 0.21.0-rc1 has a stack-based buffer overflow in the scpkcs15emugemsafeGPKinit function...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007461)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007461 advisory. In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of thi...
PT-2026-2185
Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for interacting with International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 contain a heap-buffer-overflow issue in the...
CVE-2026-21677
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have Undefined Behavior in its CIccCLUT::Init function which initializes and sets the size of a CLUT. This issue is fixed in version 2.3.1.1...
CVE-2025-15220
A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. This affects the function init of the file src/main/java/com/sohu/cache/web/controller/LoginController.java. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and may be...
UBUNTU-CVE-2022-50640
In the Linux kernel, the following vulnerability has been resolved: mmc: core: Fix kernel panic when remove non-standard SDIO card SDIO tuple is only allocated for standard SDIO card, especially it causes memory corruption issues when the non-standard SDIO card has removed, which is because the...
mtd: core: fix possible resource leak in init_mtd()
...
EUVD-2025-20799
Malicious code in bioql PyPI...
CVE-2025-38645
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Check device memory pointer before usage Add a NULL check before accessing device memory to prevent a crash if dev-dm allocation in mlx5initonce fails. Mitigation Mitigation for this issue is either not available or the...
WordPress plugin Listly: Listicles For WordPress 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability in the...
UBUNTU-CVE-2025-38262
In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. If one thread calls uartregisterdriver function, which first allocates and assigns memory to...
CVE-2025-6109
A vulnerability was found in javahongxi whatsmars 2021.4.0. It has been rated as problematic. Affected by this issue is the function initialize of the file /whatsmars-archetypes/whatsmars-initializr/src/main/java/org/hongxi/whatsmars/initializr/controller/InitializrController.java. The manipulati...
clk: samsung: Fix UBSAN panic in samsung_clk_init()
...
PT-2025-15283 · Libbpf +1 · Libbpf +1
Name of the Vulnerable Software and Affected Versions: libbpf version 1.5.0 Description: The issue is a buffer overflow vulnerability that allows a local attacker to execute arbitrary code via the bpf object init prog function of libbpf. Recommendations: For libbpf version 1.5.0, as a temporary...
DEBIAN-CVE-2025-2849
A vulnerability, which was classified as problematic, was found in UPX up to 5.0.0. Affected is the function PackLinuxElf64::unDTINIT of the file src/plxelf.cpp. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been...
CVE-2024-50048 fbcon: Fix a NULL pointer dereference issue in fbcon_putcs
In the Linux kernel, the following vulnerability has been resolved: fbcon: Fix a NULL pointer dereference issue in fbconputcs syzbot has found a NULL pointer dereference bug in fbcon. Here is the simplified C reproducer: struct param uint8t type; struct tioclselection ts; ; int main struct...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer check not being performed on clkmgr and clkmgr-funcs in the dcn30inithw function, which could...
SUSE CVE-2024-26765
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Disable IRQ before initfn for nonboot CPUs Disable IRQ before initfn for nonboot CPUs when hotplug, in order to silence such warnings and also avoid potential errors due to unexpected interrupts: WARNING: CPU: 1 PID: 0...