CVE-2026-48858

Server-Side Request Forgery SSRF vulnerability in Erlang/OTP ftp ftpinternal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftpinternal:handlectrlresult/2 PASV handler mode=passive, ipfamily=inet, ftpextension=false extracts the IP address from the...

LibreChat 信息泄露漏洞

LibreChat is an open-source, free, and highly customizable unified AI dialogue platform. It allows for the aggregation and running of large models from any vendor within a single interface. Versions of LibreChat 0.8.3 and earlier contained a security vulnerability known as information leakage. Th...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect setting of a special inode in hfsplus as of the SIFREG type, potentially leading to...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21787)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21787 advisory. - In the Linux kernel, the following vulnerability has been resolved: team: better TEAMOPTIONTYPESTRING...

WordPress plugin Player Leaderboard 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A path traversal...

EUVD-2016-4867

Malware in sbrugna...

UBUNTU-CVE-2023-53576

In the Linux kernel, the following vulnerability has been resolved: nullblk: Always check queue mode setting from configfs Make sure to check device queue mode in the nullvalidateconf and return error for NULLQRQ as we don't allow legacy I/O path, without this patch we get OOPs when queue mode is...

CVE-2023-53576

CVE-2023-53576 affects the Linux kernel’s null_blk driver. The patch ensures queue mode is always validated from configfs by checking queue_mode in null_validate_conf() and returning an error for NULL_Q_RQ to prevent a NULL I/O path OOPs when queue_mode is set to 1. Reproduction steps are provide...

AZL-49806 CVE-2024-46806 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the warning division or modulo by zero Checks the partition mode and returns an error for an invalid mode...

DEBIAN-CVE-2021-47108

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: hdmi: Perform NULL pointer check for mtkhdmiconf In commit 41ca9caaae0b "drm/mediatek: hdmi: Add check for CEA modes only" a check for CEA modes was added to function mtkhdmibridgemodevalid in order to address...

UBUNTU-CVE-2021-47108

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: hdmi: Perform NULL pointer check for mtkhdmiconf In commit 41ca9caaae0b "drm/mediatek: hdmi: Add check for CEA modes only" a check for CEA modes was added to function mtkhdmibridgemodevalid in order to address...

Qualcomm 芯片安全漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and from time to time manufactured on the surface of semiconductor wafers. A security vulnerability exists in a number of Qualcomm products,...

Google Android Qualcomm WLAN Information Disclosure Vulnerability (CNVD-2018-05997)

Android on Google Pixel and Nexus is a Linux-based open source operating system for the Google Pixel and Nexus smartphones developed by Google Inc. and the Open Handset Alliance OHA, with Qualcomm WLAN being one of the components used. Qualcomm WLAN is a wireless LAN component developed by Qualco...

The vulnerability of the Hyper-V operating system application in Windows, allowing a hacker to execute arbitrary code

The vulnerability of the Hyper-V operating system’s hypervisor exists due to insufficient validation of input data by the privileged user during guest mode. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2016-3854

drivers/media/video/msm/msmmctlbuf.c in the Qualcomm components in Android before 2016-08-05 does not validate the image mode, which allows attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via a crafted application, aka Qualcomm internal...

Out-of-bounds

drivers/media/video/msm/msmmctlbuf.c in the Qualcomm components in Android before 2016-08-05 does not validate the image mode, which allows attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via a crafted application, aka Qualcomm internal...

UBUNTU-CVE-2016-3854

drivers/media/video/msm/msmmctlbuf.c in the Qualcomm components in Android before 2016-08-05 does not validate the image mode, which allows attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via a crafted application, aka Qualcomm internal...