CVE-2025-21902

In the Linux kernel, the following vulnerability has been resolved: acpi: typec: ucsi: Introduce a -pollcci method For the ACPI backend of UCSI the UCSI "registers" are just a memory copy of the register values in an opregion. The ACPI implementation in the BIOS ensures that the opregion contents...

CVE-2025-21916

CVE-2025-21916 is part of Unity Linux/Fedora kernel advisories describing a fix for a flaw in USB ATM CXACRU endpoint checking. The root cause was insufficient verification of USB endpoint addresses in cxacru_bind(), leading to incorrect URB handling (e.g., bogus urb xfers). The mitigation is to ...

CVE-2025-21902

CVE-2025-21902 affects the Linux kernel (ACPI backends for UCSI). The vulnerability arises from the ucsi core handling of CCI polling and ACPI-opregion synchronization: backends may rely on an unnecessary/unsafe sync, which can be triggered while notifications are disabled and lead to a spurious ...

CVE-2025-21902 acpi: typec: ucsi: Introduce a ->poll_cci method

In the Linux kernel, the following vulnerability has been resolved: acpi: typec: ucsi: Introduce a -pollcci method For the ACPI backend of UCSI the UCSI "registers" are just a memory copy of the register values in an opregion. The ACPI implementation in the BIOS ensures that the opregion contents...

CVE-2025-21902 acpi: typec: ucsi: Introduce a ->poll_cci method

In the Linux kernel, the following vulnerability has been resolved: acpi: typec: ucsi: Introduce a -pollcci method For the ACPI backend of UCSI the UCSI "registers" are just a memory copy of the register values in an opregion. The ACPI implementation in the BIOS ensures that the opregion contents...

Private Data Structure Returned From A Public Method

Overview Affected versions of this package are vulnerable to Private Data Structure Returned From A Public Method. When a user accesses an externally referenced image, the provider of the image may obtain private information about the IP address of that accessing user. Remediation Upgrade...

Private Data Structure Returned From A Public Method

Overview Affected versions of this package are vulnerable to Private Data Structure Returned From A Public Method. When a user accesses an externally referenced image, the provider of the image may obtain private information about the IP address of that accessing user. Remediation Upgrade...

Apache Answer 安全漏洞

Apache Answer is a community platform of the Apache USA Foundation. An information disclosure vulnerability exists in Apache Answer 1.4.2 and earlier versions, which stems from a public method returning a private data structure, and can be exploited by an attacker to cause IP address disclosure...

GHSA-FCFQ-M8P6-GW56 Mobile Security Framework (MobSF) has a SSRF Vulnerability fix bypass on assetlinks_check with DNS Rebinding

Summary The latest deployed fix for the SSRF vulnerability is through the use of the call validhost. The code available at lines /ae34f7c055aa64fca58e995b70bc7f19da6ca33a/mobsf/MobSF/utils.pyL907-L957 is vulnerable to SSRF abuse using DNS rebinding technique. PoC The following proof of concept:...

PYSEC-2025-48

Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. The mitigation for CVE-2024-29190 in validhost uses socket.gethostbyname, which is vulnerable to SSRF abuse using DNS rebinding technique. This...

jinja2: Jinja sandbox breakout through attr filter selecting format method

A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content o...

ALSA-2025:3388 Important: python-jinja2 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVE-2024-56975

InvoicePlane all versions tested as of December 2024 v.1.6.11 and before contains a remote code execution vulnerability in the uploadfile method of the Upload controller...

CVE-2025-21878

In the Linux kernel, the following vulnerability has been resolved: i2c: npcm: disable interrupt enable bit before devmrequestirq The customer reports that there is a soft lockup issue related to the i2c driver. After checking, the i2c module was doing a tx transfer and the bmc machine reboots in...

depath and cool-path vulnerable to Prototype Pollution via `set()` Method

janryWang products depath v1.0.6 and cool-path v1.1.2 were discovered to contain a prototype pollution via the set method at setIn lib/index.js:90. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

GHSA-4H4X-4M75-47J4 depath and cool-path vulnerable to Prototype Pollution via `set()` Method

janryWang products depath v1.0.6 and cool-path v1.1.2 were discovered to contain a prototype pollution via the set method at setIn lib/index.js:90. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

CVE-2024-56975

InvoicePlane all versions tested as of December 2024 v.1.6.11 and before contains a remote code execution vulnerability in the uploadfile method of the Upload controller...

Security update for python-Jinja2

This update for python-Jinja2 fixes the following issues: CVE-2025-27516: Fixed Jinja sandbox breakout through attr filter selecting format method bsc1238879 CVE-2024-56201: Fixed sandbox breakout through malicious content and filename of a template bsc1234808 CVE-2024-56326: Fixed sandbox breako...

OSV-2025-240 Security exception in com.powsybl.commons.xml.XmlUtil.lambda$skipSubElements$0

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=406332767 Crash type: Security exception Crash state: com.powsybl.commons.xml.XmlUtil.lambda$skipSubElements$0 com.powsybl.commons.xml.XmlUtil.readSubElements com.powsybl.commons.xml.XmlUtil.skipSubElements...

PT-2025-13573 · Unknown · Invoiceplane

Name of the Vulnerable Software and Affected Versions: InvoicePlane versions 1.6.11 and before Description: The issue concerns a remote code execution vulnerability in the upload file method of the Upload controller. This vulnerability allows for remote code execution, potentially leading to...