CVE-2023-54080 btrfs: zoned: skip splitting and logical rewriting on pre-alloc write

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: skip splitting and logical rewriting on pre-alloc write When doing a relocation, there is a chance that at the time of btrfsrelocclonecsums, there is no checksum for the corresponding region. In this case,...

PT-2025-53157

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-rc6-kts+ Description The Linux kernel contains a flaw within the btrfs zoned mode related to handling pre-allocated writes during relocation. Specifically, the issue arises when a checksum is unavailable fo...

Zabbix Frontend 跨站脚本漏洞

Zabbix Frontend is a monitoring software front-end tool from the American company Zabbix. A cross-site scripting vulnerability exists in Zabbix Frontend that stems from a graphical page that lacks checksum filters for user-supplied data and output. An authenticated attacker can exploit this...

Zoo Management System 跨站脚本漏洞

PHPGURUKUL Zoo Management System is a zoo management system by Phpgurukul team. A cross-site scripting vulnerability exists in Zoo Management System v1.0, which stems from a lack of checksum filtering of user-supplied data and output in the Add Category feature. The vulnerability can be exploited...

ftcms 安全漏洞

ftcms is a content management system from ftcms. ftcms version 2.1 and previous versions have an arbitrary file write vulnerability, which originates from the lack of valid file checksum in admin/controllers/tp.php and can be exploited by attackers to cause arbitrary file writes...

Microweber 跨站脚本漏洞

Microweber is a drag-and-drop online store management system from the Microweber community in the United States. The system includes modules for adding products, images, etc. A cross-site scripting vulnerability exists in Microweber, which stems from the program's lack of checksum filtering of...

Xiaomi MIUI 安全漏洞

Xiaomi MIUI is an Android-based smartphone operating system developed by Xiaomi Technology China, Inc. A security vulnerability exists in Xiaomi MIUI due to a lack of checksum when using incoming parameters from a three-party application, which could be exploited by attackers to induce users to...

Snipe-IT 跨站请求伪造漏洞

Snipe-IT is an open source IT asset/license management system. Snipe-IT is vulnerable to cross-site request forgery, which stems from a lack of csrf checksum for POST requests in the software's view.blade.php file, and can be exploited by attackers to launch cross-site request forgery attacks...

Huawei OxfordS-AN00A 输入验证错误漏洞

Huawei OxfordS-AN00A is a smartphone from Huawei China.The Huawei OxfordS-AN00A is vulnerable to an input validation error, which stems from a missing parameter checksum. An attacker could trick users into installing a malicious app, which could modify specific parameters and cause the system to...

Huawei P30 Pro Buffer Overflow Vulnerability (CNVD-2020-48584)

Huawei P30 Pro is a smartphone from Chinese company Huawei Huawei. A buffer overflow vulnerability exists in a module in versions prior to Huawei P30 Pro 10.1.0.160 C00E160R2P8, which stems from a function of the module missing a specific checksum when processing messages sent by other modules. A...

Security Bulletin: Multi-Cloud Data Encryption (MDE) is affected by a missing checksum vulnerability

Summary Security Bulletin: Multi-Cloud Data Encryption MDE has addressed a missing checksum vulnerability Vulnerability Details CVEID: CVE-2018-1593 DESCRIPTION: IBM Multi-Cloud Data Encryption MDE could allow an unauthorized user to manipulate data due to missing file checksums. CVSS Base Score:...

krb5: null pointer dereference in GSS-API library leads to DoS (MITKRB5-SA-2010-005)

The kgacceptkrb5 function in krb5/acceptseccontext.c in the GSS-API library in MIT Kerberos 5 aka krb5 through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of...

krb5: null pointer dereference in GSS-API library leads to DoS (MITKRB5-SA-2010-005)

The kgacceptkrb5 function in krb5/acceptseccontext.c in the GSS-API library in MIT Kerberos 5 aka krb5 through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of...

DEBIAN-CVE-2010-1321

The kgacceptkrb5 function in krb5/acceptseccontext.c in the GSS-API library in MIT Kerberos 5 aka krb5 through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of...