F5 BIG-IP AFM 代码问题漏洞

F5 BIG-IP AFM is a high-level firewall product developed by F5 Corporation in the United States, designed to protect against DDoS attacks. There is a code vulnerability in F5 BIG-IP AFM, where unacknowledged traffic may lead to TMM termination...

Amazon Linux 2023 : libnvsdm (ALAS2023NVIDIA-2026-269)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2026-269 advisory. NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability mig...

Amazon Linux 2023 : nvidia-modprobe (ALAS2023NVIDIA-2026-264)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2026-264 advisory. NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability mig...

Amazon Linux 2023 : nvidia-libXNVCtrl, nvidia-libXNVCtrl-devel, nvidia-settings (ALAS2023NVIDIA-2026-265)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2026-265 advisory. NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability mig...

PT-2026-20373

Name of the Vulnerable Software and Affected Versions Libredesk versions prior to 1.0.2-0.20260215211005-727213631ce6 Description Libredesk, a self-hosted customer support desk application, is susceptible to a Server-Side Request Forgery SSRF issue in its Webhooks module. An authenticated...

Important: nvidia-open

Issue Overview: NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of servic...

Amazon Linux 2023 : nvidia, nvidia-fabric-manager (ALAS2023NVIDIA-2026-268)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2026-268 advisory. NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability mig...

CVE-2025-70063

The 'Medical History' module in PHPGurukul Hospital Management System v4.0 contains an Insecure Direct Object Reference IDOR vulnerability. The application fails to verify that the requested 'viewid' parameter belongs to the currently authenticated patient. This allows a user to access the...

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition in which maps from multiple components may be accessed without synchronization. When under heavy concurrent activity, either spontaneous or attacker-generated, the process can be caused to panic and crash with fatal error...

Security update for kubernetes-old

This update for kubernetes-old rebuilds it against the current GO security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap...

Security update for kubernetes

This update for kubernetes rebuilds it against the current GO security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15.6...

CVE-2025-8303

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in EKA Software Computer Information Advertising Services Ltd. Real Estate Script V5 With Doping Module – Store Module – New Language System allows Cross-Site Scripting XSS. This issue affects...

CVE-2025-8303 XSS in EKA Software's Real Estate Script V5 (With Doping Module – Store Module – New Language System)

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in EKA Software Computer Information Advertising Services Ltd. Real Estate Script V5 With Doping Module – Store Module – New Language System allows Cross-Site Scripting XSS. This issue affects...

CVE-2025-8303

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in EKA Software Computer Information Advertising Services Ltd. Real Estate Script V5 With Doping Module – Store Module – New Language System allows Cross-Site Scripting XSS. This issue affects...

ALPINE-CVE-2026-2474

Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in the XS function crypturandomgetrandom. The function does not validate that the length parameter is non-negative. If a negative value e.g. -1 is supplied, the expression length + 1u causes an integer...

CVE-2026-2474

Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in the XS function crypturandomgetrandom. The function does not validate that the length parameter is non-negative. If a negative value e.g. -1 is supplied, the expression length + 1u causes an integer...

CVE-2026-2474 Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in the XS function crypt_urandom_getrandom()

Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in the XS function crypturandomgetrandom. The function does not validate that the length parameter is non-negative. If a negative value e.g. -1 is supplied, the expression length + 1u causes an integer...

CVE-2026-2474

Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in the XS function crypturandomgetrandom. The function does not validate that the length parameter is non-negative. If a negative value e.g. -1 is supplied, the expression length + 1u causes an integer...

CVE-2026-2474

Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in the XS function crypturandomgetrandom. The function does not validate that the length parameter is non-negative. If a negative value e.g. -1 is supplied, the expression length + 1u causes an integer...

CVE-2025-22885

Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack...