Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient input validation in ANGLE, which could allow remote attackers to execute a sandbox...

EUVD-2026-25008

A vulnerability in the rm utility of uutils coreutils allows the bypass of safeguard mechanisms intended to protect the current directory. While the utility correctly refuses to delete . or .., it fails to recognize equivalent paths with trailing slashes, such as ./ or .///. An accidental or...

GHSA-VCHC-9GGH-3236 uutils coreutils has a Path Traversal issue

A vulnerability in the rm utility of uutils coreutils allows the bypass of safeguard mechanisms intended to protect the current directory. While the utility correctly refuses to delete . or .., it fails to recognize equivalent paths with trailing slashes, such as ./ or .///. An accidental or...

CVE-2026-35363

The CVE-2026-35363 entry concerns the rm utility in uutils coreutils. The issue: path normalization bug allows bypass of safeguards for the current directory. It correctly refuses . and .. but fails to recognize equivalent paths with trailing slashes (e.g., ./ or .///). An accidental/malicious ex...

PT-2026-34499

A vulnerability in the rm utility of uutils coreutils allows the bypass of safeguard mechanisms intended to protect the current directory. While the utility correctly refuses to delete . or .., it fails to recognize equivalent paths with trailing slashes, such as ./ or .///. An accidental or...

CVE-2026-40249 free5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errors

free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/policy-data/subs-to-notify/subsId does not return after request body retrieval or deserialization...

EUVD-2025-208677

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information improper input. This vulnerability can be exploited only in restricted scenarios...

CVE-2026-1229

The CombinedMult function in the CIRCL ecc/p384 package secp384r1 curve produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas. ECDH and ECDSA signing relying on this curve are not affected. The bug was fixed in v1.6.3...

WeGIA input validation error vulnerability

WeGIA is a network manager for the welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.2 contained a vulnerability related to input validation errors. This vulnerability stemmed from the lack of validation or restrictions on the nextPage parameter in the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989527)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989527 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent panic when SDMA is disabled If the hfi1 module is loaded with HFI1CAPSDMA off,...

CVE-2025-40049

In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix uninit-value in squashfsgetparent Syzkaller reports a "KMSAN: uninit-value in squashfsgetparent" bug. This is caused by openbyhandleat being called with a file handle containing an invalid parent inode number. In...

EUVD-2017-2323

Malware in sbrugna...

EUVD-2016-10181

Malware in sbrugna...

EUVD-2017-0350

Malware in sbrugna...

EUVD-2023-2511

Malicious code in bioql PyPI...

EUVD-2025-4788

Malicious code in bioql PyPI...

EUVD-2023-2904

Malicious code in bioql PyPI...

SUSE CVE-2025-39835

In the Linux kernel, the following vulnerability has been resolved: xfs: do not propagate ENODATA disk errors into xattr code ENODATA aka ENOATTR has a very specific meaning in the xfs xattr code; namely, that the requested attribute name could not be found. However, a medium error from disk may...

CVE-2025-38712 hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()

In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't use BUGON in hfspluscreateattributesfile When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplusfillsuper assumes that the attributes file is not yet created...

CVE-2011-3413

creationtimestamp| type| source ---|---|--- 2025-08-31 03:01:15+00:00| seen| MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d 2025-08-31 03:12:51+00:00| seen| MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57...