20 matches found
CVE-2026-44830
Nocturne Memory is a lightweight, rollbackable, and visual Long-Term Memory Server for MCP Agents. Prior to 2.4.1, when APITOKEN is unset or empty, the BearerTokenAuthMiddleware bypasses authentication for all HTTP requests. Combined with the default 0.0.0.0 host binding and CORS alloworigins="",...
SUSE CVE-2026-33214
Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't enforce proper access control. This issue has been fixed in version 5.17. If users are unable to update immediately, they can work around this issue b...
CVE-2026-33220
Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't perform proper access control. This issue has been fixed in version 5.17. If developers are unable to update immediately, they can disable this featur...
CVE-2026-33214 Weblate has improper access control for the translation memory API
Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't enforce proper access control. This issue has been fixed in version 5.17. If users are unable to update immediately, they can work around this issue b...
PT-2026-33114
Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't enforce proper access control. This issue has been fixed in version 5.17. If users are unable to update immediately, they can work around this issue b...
Weblate Security Vulnerability
Weblate is an open-source, copyleft, web-based free software system for continuous localization. Versions of Weblate prior to 5.17 contained security vulnerabilities, which were caused by the translation memory API exposing unauthorized endpoints and improper access controls...
CVE-2026-32927
Summary (concrete details): FUJI Electric V-SFT, versions 6.2.10.0 and earlier, contains an out-of-bounds read in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may disclose information from the affected product. Affected component is the V-SFT file handling logic (VS6MemInIF and V7 ...
CVE-2025-68773 spi: fsl-cpm: Check length parity before switching to 16 bit mode
In the Linux kernel, the following vulnerability has been resolved: spi: fsl-cpm: Check length parity before switching to 16 bit mode Commit fc96ec826bce "spi: fsl-cpm: Use 16 bit mode for large transfers with even size" failed to make sure that the size is really even before switching to 16 bit...
CVE-2025-47347
Memory corruption while processing control commands in the virtual memory management interface...
Linux Distros Unpatched Vulnerability : CVE-2025-37896
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: spi: spi-mem: Add fix to avoid divide error For some SPI flash memory operations, dummy byte...
CVE-2025-32086
Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access...
acpi: nfit: fix narrowing conversion in acpi_nfit_ctl
...
DEBIAN-CVE-2024-58069
In the Linux kernel, the following vulnerability has been resolved: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read The nvmem interface supports variable buffer sizes, while the regmap interface operates with fixed-size storage. If an nvmem client uses a buffer size less than 4 byte...
PT-2024-34706 · Bhyve +1
Name of the Vulnerable Software and Affected Versions: bhyve hypervisor (affected versions not specified). Description: The NVMe driver function nvme_opc_get_log_page is vulnerable to a buffer over-read from a guest-controlled value. This issue is related to the bhyve hypervisor and affects the NVMe...
Xen Denial of Service Vulnerability (CNVD-2020-53813)
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen has a security vulnerability. The...
Google Android External Memory Interface Elevation of Privilege Vulnerability
Android is a Linux-based open source operating system from Google and the Open Handset Alliance (OHA) in the U.S. External Memory Interface is one of the external memory interface components. A security vulnerability exists in the External Memory Interface component of Android. An attacker can...
VirtualBox 5.2.6.r120293 - VM Escape
Oracle fixed some of the issues I reported in VirtualBox during the Oracle Critical Patch Update - April 2018. CVE-2018-2844 was an interesting double fetch vulnerability in VirtualBox Video Acceleration VBVA feature affecting Linux hosts. VBVA feature works o...
Android IMemory Native Interface Elevation of Privilege Vulnerability
Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance (OHA), and the IMemory Native Interface is a memory-sharing interface that uses the Ashmem (Anonymous Shared Memory) driver. An elevation of privilege vulnerability exists in Android's IMemory Native Interface. A local...
CVE-2015-5053
The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges, cause a denial of...
kernel: ipc/shm.c: reading uninitialized stack memory
The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface."...