2120 matches found

OSV
added 2025/04/10 9:15 p.m. · 1 views

DEBIAN-CVE-2025-29918

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. Packet processing thread becomes stuck in infinite loop limiting visibility and availability i...

CVSS 5.5 · AI score 7 · EPSS 0.00064
Exploits 0 · References 1
OSV
added 2025/04/10 9:15 p.m. · 0 views

UBUNTU-CVE-2025-29918

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. Packet processing thread becomes stuck in infinite loop limiting visibility and availability i...

CVSS 6.2 · AI score 5.8 · EPSS 0.00064
Exploits 0 · References 2
Snyk
added 2025/04/03 6:51 p.m. · 1 views

Incorrect Authorization

Overview: org.webjars.npm:vite is a Native-ESM powered web dev build tool. Affected versions of this package are vulnerable to Incorrect Authorization via the bypass of the server.fs.deny restriction. An attacker can access restricted files by appending ?.svg with ?.wasm?init or with sec-fetch-dest...

CVSS 8.2 · AI score 6 · EPSS 0.04736
Exploits 7 · References 2
Positive Technologies
added 2025/04/01 12:00 a.m. · 2 views

PT-2025-14115 · Unknown +1 · React-Tooltip +1

Name of the Vulnerable Software and Affected Versions: Bruno versions prior to 1.39.1. Description: The issue arises from custom tool-tip components using react-tooltip, which set content as raw HTML and inject it into the DOM on hover. This, combined with loose Content Security Policy restriction...

CVSS 8.7 · AI score 7.1 · EPSS 0.0026
Exploits 1 · References 4
Github Security Blog
added 2025/03/31 5:31 p.m. · 58 views

Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query

Summary: The contents of arbitrary files can be returned to the browser. Impact: Only apps explicitly exposing the Vite dev server to the network using --host or server.host config option are affected. Details: base64 encoded content of non-allowed files is exposed using ?inline&import originally...

CVSS 7.5 · AI score 6.9 · EPSS 0.83244
Exploits 9 · References 5 · Affected Software 1
Snyk
added 2025/03/31 5:31 p.m. · 4 views

Access Control Bypass

Overview: org.webjars.npm:vite is a Native-ESM powered web dev build tool. Affected versions of this package are vulnerable to Access Control Bypass through the server.fs.deny configuration, which is bypassed when using ?import query with inline and raw parameters. An attacker can read arbitrary...

CVSS 7.5 · AI score 6.8 · EPSS 0.83244
Exploits 9 · References 2
OSV
added 2025/03/31 5:31 p.m. · 0 views

GHSA-4R4M-QW57-CHR8 Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query

Summary: The contents of arbitrary files can be returned to the browser. Impact: Only apps explicitly exposing the Vite dev server to the network using --host or server.host config option are affected. Details: base64 encoded content of non-allowed files is exposed using ?inline&import originally...

CVSS 5.3 · AI score 6.7 · EPSS 0.83244
Exploits 9 · References 5
RedhatCVE
added 2025/03/29 3:34 p.m. · 8 views

CVE-2025-21874

In the Linux kernel, the following vulnerability has been resolved: dm-integrity: Avoid divide by zero in table status in Inline mode. In Inline mode, the journal is unused, and journal_sectors is zero. Calculating the journal watermark requires dividing by journal_sectors, which should be done only...

CVSS 5.5 · AI score 7 · EPSS 0.00018
Exploits 0 · References 4
CNNVD
added 2025/03/29 12:00 a.m. · 1 views

WordPress plugin Inline Image Upload for BBPress code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability exists in...

CVSS 8.8 · AI score 8.7 · EPSS 0.01265
Exploits 0 · References 4
Patchstack
added 2025/03/28 9:56 p.m. · 3 views

WordPress Inline Image Upload for BBPress plugin <= 1.1.19 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability

Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by yudha in WordPress Plugin Inline Image Upload for BBPress versions <= 1.1.19...

CVSS 8.8 · AI score 7 · EPSS 0.01265
Exploits 0 · References 1 · Affected Software 1
SUSE CVE
added 2025/03/28 3:41 a.m. · 2 views

SUSE CVE-2022-49739

In the Linux kernel, the following vulnerability has been resolved: gfs2: Always check inode size of inline inodes. Check if the inode size of stuffed inline inodes is within the allowed range when reading inodes from disk (gfs2_dinode_in()). This prevents us from on-disk corruption. The two checks in...

CVSS 5.5 · AI score 6.8 · EPSS 0.00011
Exploits 0 · References 9
SUSE CVE
added 2025/03/28 3:00 a.m. · 0 views

SUSE CVE-2025-21874

In the Linux kernel, the following vulnerability has been resolved: dm-integrity: Avoid divide by zero in table status in Inline mode. In Inline mode, the journal is unused, and journal_sectors is zero. Calculating the journal watermark requires dividing by journal_sectors, which should be done only...

CVSS 5.5 · AI score 7.6 · EPSS 0.00018
Exploits 0 · References 3
NVD
added 2025/03/27 5:15 p.m. · 6 views

CVE-2022-49739

In the Linux kernel, the following vulnerability has been resolved: gfs2: Always check inode size of inline inodes. Check if the inode size of stuffed inline inodes is within the allowed range when reading inodes from disk (gfs2_dinode_in()). This prevents us from on-disk corruption. The two checks in...

CVSS 5.5 · EPSS 0.00011
Exploits 0 · References 6
OSV
added 2025/03/27 5:15 p.m. · 1 views

DEBIAN-CVE-2022-49739

In the Linux kernel, the following vulnerability has been resolved: gfs2: Always check inode size of inline inodes. Check if the inode size of stuffed inline inodes is within the allowed range when reading inodes from disk (gfs2_dinode_in()). This prevents us from on-disk corruption. The two checks in...

CVSS 5.5 · AI score 5.4 · EPSS 0.00011
Exploits 0 · References 1
OSV
added 2025/03/27 5:15 p.m. · 1 views

UBUNTU-CVE-2022-49739

In the Linux kernel, the following vulnerability has been resolved: gfs2: Always check inode size of inline inodes. Check if the inode size of stuffed inline inodes is within the allowed range when reading inodes from disk (gfs2_dinode_in()). This prevents us from on-disk corruption. The two checks in...

CVSS 5.5 · AI score 6.1 · EPSS 0.00011
Exploits 0 · References 9
Cvelist
added 2025/03/27 4:42 p.m. · 6 views

CVE-2022-49739 gfs2: Always check inode size of inline inodes

In the Linux kernel, the following vulnerability has been resolved: gfs2: Always check inode size of inline inodes. Check if the inode size of stuffed inline inodes is within the allowed range when reading inodes from disk (gfs2_dinode_in()). This prevents us from on-disk corruption. The two checks in...

EPSS 0.00011
Exploits 0 · References 6
OSV
added 2025/03/27 4:42 p.m. · 4 views

CVE-2022-49739 gfs2: Always check inode size of inline inodes

In the Linux kernel, the following vulnerability has been resolved: gfs2: Always check inode size of inline inodes. Check if the inode size of stuffed inline inodes is within the allowed range when reading inodes from disk (gfs2_dinode_in()). This prevents us from on-disk corruption. The two checks in...

CVSS 5.5 · AI score 5.1 · EPSS 0.00011
Exploits 0 · References 9
CVE
added 2025/03/27 4:42 p.m. · 133 views

CVE-2022-49739

CVE-2022-49739 affects the Linux kernel GFS2 code: when reading inodes from disk, the inode size of stuffed (inline) inodes is now validated to be within the allowed range in gfs2_dinode_in(). This fixes on-disk corruption that could result from previous truncation logic in stuffed_readpage() and...

CVSS 5.5 · AI score 6.5 · EPSS 0.00011
Exploits 0 · References 6 · Affected Software 1
Debian CVE
added 2025/03/27 4:42 p.m. · 7 views

CVE-2022-49739

In the Linux kernel, the following vulnerability has been resolved: gfs2: Always check inode size of inline inodes. Check if the inode size of stuffed inline inodes is within the allowed range when reading inodes from disk (gfs2_dinode_in()). This prevents us from on-disk corruption. The two checks in...

CVSS 5.5 · AI score 5.4 · EPSS 0.00011
Exploits 0
OSV
added 2025/03/27 3:15 p.m. · 1 views

DEBIAN-CVE-2025-21874

In the Linux kernel, the following vulnerability has been resolved: dm-integrity: Avoid divide by zero in table status in Inline mode. In Inline mode, the journal is unused, and journal_sectors is zero. Calculating the journal watermark requires dividing by journal_sectors, which should be done only...

CVSS 5.5 · AI score 5.7 · EPSS 0.00018
Exploits 0 · References 1