38 matches found

RedhatCVE
added 2026/06/05 7:43 p.m. · 7 views

CVE-2026-8786

A vulnerability has been found in Tencent WeKnora up to 0.3.6. Affected by this issue is the function getKnowledgeBaseForInitialization of the file internal/handler/initialization.go of the component Config API Endpoint. The manipulation of the argument kbId leads to authorization bypass. It is...

CVSS 6.5 · AI score 6 · EPSS 0.00269
Exploits 1 · References 1
AstraLinux
added 2026/05/20 5:53 a.m. · 3 views

Astra Linux – Vulnerability in opensc

The gemsafe GPK smart card software driver in OpenSC before version 0.21.0-rc1 has a stack-based buffer overflow in the sc_pkcs15emu_gemsafeGPK_init function...

CVSS 5.5 · AI score 7 · EPSS 0.00396
Exploits 0 · References 1
Snyk
added 2026/05/18 5:31 a.m. · 6 views

Authorization Bypass Through User-Controlled Key

Overview: Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the getKnowledgeBaseForInitialization function. An attacker can gain unauthorized access to knowledge base data and potentially modify or disrupt information by manipulating the kbId...

CVSS 6.5 · AI score 5.8 · EPSS 0.00269
Exploits 1 · References 2
Cvelist
added 2026/05/13 12:0 a.m. · 31 views

CVE-2025-29338

NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 to v17.92.1.p149.157 was discovered to contain a buffer overflow via the mod_para parameter in the woal_init_module_param function...

EPSS 0.00183
Exploits 1 · References 2
Tenable Nessus
added 2026/04/17 12:0 a.m. · 4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007461)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007461 advisory. In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of thi...

CVSS 5.5 · AI score 5.8 · EPSS 0.0019
Exploits 0 · References 4
Positive Technologies
added 2026/01/08 12:0 a.m. · 3 views

PT-2026-2185

Name of the Vulnerable Software and Affected Versions: iccDEV versions prior to 2.3.1.2 Description: iccDEV is a set of libraries and tools for interacting with International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 contain a heap-buffer-overflow issue in the...

CVSS 8.8 · AI score 6.6 · EPSS 0.00365
Exploits 1 · References 9
NVD
added 2026/01/06 4:15 a.m. · 4 views

CVE-2026-21677

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have Undefined Behavior in its CIccCLUT::Init function which initializes and sets the size of a CLUT. This issue is fixed in version 2.3.1.1...

CVSS 8.8 · EPSS 0.00308
Exploits 1 · References 3
RedhatCVE
added 2025/12/31 5:11 a.m. · 3 views

CVE-2025-15220

A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. This affects the function init of the file src/main/java/com/sohu/cache/web/controller/LoginController.java. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and may be...

CVSS 6.1 · AI score 5.8 · EPSS 0.00277
Exploits 1 · References 1
OSV
added 2025/12/09 1:16 a.m. · 1 views

UBUNTU-CVE-2022-50640

In the Linux kernel, the following vulnerability has been resolved: mmc: core: Fix kernel panic when remove non-standard SDIO card SDIO tuple is only allocated for standard SDIO card, especially it causes memory corruption issues when the non-standard SDIO card has removed, which is because the...

AI score 5.9 · EPSS 0.00177
Exploits 0 · References 11
Microsoft CVE
added 2025/12/06 1:1 a.m. · 4 views

mtd: core: fix possible resource leak in init_mtd()

...

CVSS 5.5 · AI score 7 · EPSS 0.00145
Exploits 0
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-20799

Malicious code in bioql PyPI...

AI score 8.7 · EPSS 0.00147
Exploits 0 · References 7
RedhatCVE
added 2025/08/24 4:7 p.m. · 3 views

CVE-2025-38645

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Check device memory pointer before usage Add a NULL check before accessing device memory to prevent a crash if dev->dm allocation in mlx5_init_once fails. Mitigation: Mitigation for this issue is either not available or the...

CVSS 5.1 · AI score 5.3 · EPSS 0.00147
Exploits 0 · References 4
CNNVD
added 2025/07/18 12:0 a.m. · 2 views

WordPress plugin Listly: Listicles For WordPress Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability in the...

CVSS 5.3 · AI score 6.6 · EPSS 0.00273
Exploits 0 · References 2
OSV
added 2025/07/09 11:15 a.m. · 3 views

UBUNTU-CVE-2025-38262

In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. If one thread calls uart_register_driver function, which first allocates and assigns memory to...

CVSS 5.5 · AI score 6.2 · EPSS 0.00147
Exploits 0 · References 39
BDU FSTEC
added 2025/06/23 12:0 a.m. · 6 views

The vulnerability of the kvm_riscv_vcpu_sbi_init() function in the arch/riscv/kvm/vcpu_sbi.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the kvm_riscv_vcpu_sbi_init function in the arch/riscv/kvm/vcpu_sbi.c module of the Linux operating system is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protect...

CVSS 7.8 · AI score 7.1 · EPSS 0.00234
Exploits 0 · References 9 · Affected Software 1
RedhatCVE
added 2025/06/18 6:18 a.m. · 11 views

CVE-2025-6109

A vulnerability was found in javahongxi whatsmars 2021.4.0. It has been rated as problematic. Affected by this issue is the function initialize of the file /whatsmars-archetypes/whatsmars-initializr/src/main/java/org/hongxi/whatsmars/initializr/controller/InitializrController.java. The manipulati...

CVSS 5.3 · AI score 4.5 · EPSS 0.00443
Exploits 0 · References 1
Microsoft CVE
added 2025/05/05 7:0 a.m. · 2 views

clk: samsung: Fix UBSAN panic in samsung_clk_init()

...

CVSS 5.5 · AI score 7.4 · EPSS 0.00214
Exploits 0
Positive Technologies
added 2025/04/07 12:0 a.m. · 2 views

PT-2025-15283 · Libbpf +1

Name of the Vulnerable Software and Affected Versions: libbpf version 1.5.0 Description: The issue is a buffer overflow vulnerability that allows a local attacker to execute arbitrary code via the bpf object init prog function of libbpf. Recommendations: For libbpf version 1.5.0, as a temporary...

CVSS 6.2 · AI score 8 · EPSS 0.00201
Exploits 1 · References 15
OSV
added 2025/03/27 2:15 p.m. · 2 views

DEBIAN-CVE-2025-2849

A vulnerability, which was classified as problematic, was found in UPX up to 5.0.0. Affected is the function PackLinuxElf64::un_DT_INIT of the file src/p_lx_elf.cpp. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been...

CVSS 5.5 · AI score 4 · EPSS 0.00255
Exploits 1 · References 1
BDU FSTEC
added 2025/03/27 12:0 a.m. · 5 views

The vulnerability of the amd_pmc_s2d_init() function in the drivers/platform/x86/amd/pmc.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the amd_pmc_s2d_init function in the module drivers/platform/x86/amd/pmc.c of the Linux kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 · AI score 6.7 · EPSS 0.00238
Exploits 0 · References 15 · Affected Software 7