71 matches found
ROS-20260605-73-0058
Vulnerability in the Audio/Video components of Mozilla Firefox, Firefox ESR, and the Thunderbird email client, which use web codecs. This vulnerability is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
ROS-20260603-73-0001
A vulnerability in the .NET software platform is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
ROS-20260603-73-0002
A vulnerability in the .NET software platform is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the smbdirectsendbatch process. In this process, requests may not be signaled with IBSENDSIGNALED...
Ella Core code issue vulnerability
Ella Core is an open-source solution developed by Ella Networks for use in private networks as a 5G core network solution. Versions of Ella Core prior to 1.7.0 contained code vulnerabilities. These vulnerabilities stemmed from kernel crashes that occurred when processing authentication responses...
Silicon Labs Gecko SDK and Silicon Labs Simplicity SDK security vulnerability
The Silicon Labs Gecko SDK (GSDK) and Silicon Labs Simplicity SDK are both open-source products from Silicon Labs. The Silicon Labs Gecko SDK is a library that combines the Silicon Labs wireless software development kit (SDK) with the Gecko platform into an integrated software package. The Silicon La...
SAP BusinessObjects BI Platform security vulnerability
SAP BusinessObjects BI Platform is a centralized suite provided by German company SAP for data reporting, visualization, and sharing. There is a security vulnerability in the SAP BusinessObjects BI Platform; this vulnerability can cause the Content Management Server to crash and restart, resultin...
EUVD-2020-27369
Malware in sbrugna...
EUVD-2025-7012
Malicious code in bioql PyPI...
EUVD-2024-29060
Malicious code in bioql PyPI...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly handling routine rq reactivation after an XSK socket shutdown, which could result in reading...
CVE-2024-31152
The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation within its web application, where a series of crafted HTTP requests can cause a reboot. This could lead to network service interruptions...
CVE-2022-49767
CVE-2022-49767 affects the Linux kernel 9p/trans_fd path. The issue arises because p9_mux_poll_stop() could fail to interrupt blocking kernel_read()/kernel_write() on pipes due to fd_open() not setting O_NONBLOCK, whereas socket paths already use O_NONBLOCK. A minimal patch makes O_NONBLOCK alway...
Citrix DaaS Studio: Resolving VM List Delay Due to Cloud Connector Timeout
Administrators may encounter a delay when retrieving the list of machines from Citrix Cloud in a particular resource location. This issue is often observed under the following circumstances: The Cloud Connector is unavailable or unresponsive. The connector is undergoing maintenance or is being...
GHSA-CHF7-Q7M5-FQ92 Open WebUI Uncontrolled Resource Consumption vulnerability
In version 0.3.32 of open-webui/open-webui, the absence of authentication mechanisms allows any unauthenticated attacker to access the api/v1/utils/code/format endpoint. If a malicious actor sends a POST request with an excessively high volume of content, the server could become completely...
Open WebUI Uncontrolled Resource Consumption vulnerability
In version 0.3.32 of open-webui/open-webui, the absence of authentication mechanisms allows any unauthenticated attacker to access the api/v1/utils/code/format endpoint. If a malicious actor sends a POST request with an excessively high volume of content, the server could become completely...
CVE-2024-12537
In version 0.3.32 of open-webui/open-webui, the absence of authentication mechanisms allows any unauthenticated attacker to access the api/v1/utils/code/format endpoint. If a malicious actor sends a POST request with an excessively high volume of content, the server could become completely...
CVE-2024-12537
Summary: CVE-2024-12537 affects open-webui/open-webui v0.3.32, where unauthenticated access to /api/v1/utils/code/format can be abused by a high-volume POST to trigger unresponsiveness. Documented impact is denial of service / service degradation. A remediation is available: upgrade to open-webui...
PT-2025-36309
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw where user code could potentially execute a Load Word and Swap (LWS) compare-and-swap operation at a memory address protected against read access at...