Ensure That the su Command Inherits the User Environment Variables Without Escalating Privileges

The su command enables a common user to have the permissions of the superuser or other users. It is often used for switching the user from a common user to the root user. The su command provides a convenient way for users to change their identities. However, if the su command is run without...

GHSA-8V65-5FW5-23WJ node-cube vulnerable to prototype pollution

The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...

node-cube vulnerable to prototype pollution

The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...

CVE-2025-57348

The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...

CVE-2025-57348

The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...

kernel: i2c/designware: Fix an initialization issue

This CVE has been marked as Rejected by the assigning CNA...

kernel: i2c/designware: Fix an initialization issue

This CVE has been marked as Rejected by the assigning CNA...

kernel: i2c/designware: Fix an initialization issue

This CVE has been marked as Rejected by the assigning CNA...

kernel: i2c/designware: Fix an initialization issue

This CVE has been marked as Rejected by the assigning CNA...

kernel: i2c/designware: Fix an initialization issue

This CVE has been marked as Rejected by the assigning CNA...

kernel: i2c/designware: Fix an initialization issue

This CVE has been marked as Rejected by the assigning CNA...

kernel: i2c/designware: Fix an initialization issue

This CVE has been marked as Rejected by the assigning CNA...

CVE-2025-57348

The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...

datart 安全漏洞

datart is an open source data visualization open platform by running-elephant. A security vulnerability exists in datart version 1.0.0-rc.3, which stems from improper handling of the INIT connection parameter and could lead to the execution of arbitrary code...

CVE-2025-56819

An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT connection parameter...

CVE-2025-57348

The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...

CVE-2025-56819

An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT connection parameter...

parse-server 安全漏洞

parse-server is a Node.js/Express parse server open-sourced by Parse Platform. A security vulnerability exists in parse-server version 5.3.0 and earlier, which stems from a prototype contamination in the SingleInstanceStateController.initializeState function, which allows an attacker to inject an...

SUSE CVE-2025-39886

In the Linux kernel, the following vulnerability has been resolved: bpf: Tell memcg to use allowspinning=false path in bpftimerinit Currently, calling bpfmapkmallocnode from bpfasyncinit can cause various locking issues; see the following stack trace edited for style as one example: ... 10.011566...

AZL-72352 CVE-2025-39886 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Tell memcg to use allowspinning=false path in bpftimerinit Currently, calling bpfmapkmallocnode from bpfasyncinit can cause various locking issues; see the following stack trace edited for style as one example: ... 10.011566...