GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Prior to GitLab CE/EE 18.8.4, there was a security vulnerability. This...

Uncovering Hidden Inclusions of Vulnerable Dependencies in Real-World Java Projects

Open-source software OSS dependencies are a dominant component of modern software code bases. Using proven and well-tested OSS components lets developers reduce development time and cost while improving quality. However, heavy reliance on open-source software also introduces significant security...

CVE-2021-47757

Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality. Authenticated attackers can upload a modified backup zip file with a malicious PHP shell to execute arbitrary system commands on the server...

CVE-2010-0141

MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote attackers to discover usernames, passwords, and unspecified other data from the user database via a modified authentication sequence to the Audio Server, aka Bug ID CSCsv76935...

CVE-2010-0142

MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote authenticated users to gain privileges via a modified authentication sequence, aka Bug ID CSCsv66530...

CVE-2021-33887

Insufficient verification of data authenticity in Peloton TTR01 up to and including PTV55G allows an attacker with physical access to boot into a modified kernel/ramdisk without unlocking the bootloader...

CVE-2020-24807

The socket.io-file package through 2.0.31 for Node.js relies on client-side validation of file types, which allows remote attackers to execute arbitrary code by uploading an executable file via a modified JSON name field. NOTE: This vulnerability only affects products that are no longer supported...

CVE-2024-39828

R74n Sandboxels 1.9 through 1.9.5 allows XSS via a message in a modified saved-game file. This was fixed in a hotfix to 1.9.5 on 2024-06-29...

CVE-2021-27097

The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT...

SUSE CVE-2025-68972

In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds although an "invalid armor" message is printed...

CVE-2025-65829

The ESP32 system on a chip SoC that powers the Meatmeet basestation device was found to lack Secure Boot. The Secure Boot feature ensures that only authenticated software can execute on the device. The Secure Boot process forms a chain of trust by verifying all mutable software entities involved ...

SUSE CVE-2022-50622

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4fcrecordmodifiedinode As krealloc may return NULL, in this case 'state-fcmodifiedinodes' may not be freed by krealloc, but 'state-fcmodifiedinodes' already set NULL. Then will lead to...

EUVD-2022-55690

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4fcrecordmodifiedinode As krealloc may return NULL, in this case 'state-fcmodifiedinodes' may not be freed by krealloc, but 'state-fcmodifiedinodes' already set NULL. Then will lead to...

DEBIAN-CVE-2022-50622

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4fcrecordmodifiedinode As krealloc may return NULL, in this case 'state-fcmodifiedinodes' may not be freed by krealloc, but 'state-fcmodifiedinodes' already set NULL. Then will lead to...

CVE-2022-50622

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4fcrecordmodifiedinode As krealloc may return NULL, in this case 'state-fcmodifiedinodes' may not be freed by krealloc, but 'state-fcmodifiedinodes' already set NULL. Then will lead to...

UBUNTU-CVE-2022-50622

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4fcrecordmodifiedinode As krealloc may return NULL, in this case 'state-fcmodifiedinodes' may not be freed by krealloc, but 'state-fcmodifiedinodes' already set NULL. Then will lead to...

CVE-2022-50622 ext4: fix potential memory leak in ext4_fc_record_modified_inode()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4fcrecordmodifiedinode As krealloc may return NULL, in this case 'state-fcmodifiedinodes' may not be freed by krealloc, but 'state-fcmodifiedinodes' already set NULL. Then will lead to...

CVE-2022-50622

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4fcrecordmodifiedinode As krealloc may return NULL, in this case 'state-fcmodifiedinodes' may not be freed by krealloc, but 'state-fcmodifiedinodes' already set NULL. Then will lead to...

CVE-2022-50622

The CVE-2022-50622 entry relates to the Linux kernel, where ext4 fixes a potential memory leak in ext4_fc_record_modified_inode(). The issue occurs because krealloc may return NULL, leaving state->fc_modified_inodes NULL but not freeing the previously allocated memory, causing a leak. A patch ...

PT-2025-49463

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists within the ext4 filesystem code, specifically in the ext4 fc record modified inode function. The issue arises because krealloc may return NULL, potentially preventin...