105 matches found
CVE-2025-63261
AWStats 8.0 is vulnerable to Command Injection via the open function...
AWStats security vulnerability
AWStats is a log analysis tool developed by eldy, an individual developer. This software supports the analysis of web site logs on all operating systems such as IIS 5.0 and Apache. It can analyze logs from web, WAP, proxy, streaming servers, FTP, and mail servers. AWStats 8.0 has a security...
CVE-2025-63261
AWStats 8.0 is affected by CVE-2025-63261: a Command Injection vulnerability in the open function. Root cause and impact as per provided sources indicate potential impact to confidentiality, integrity, and availability (CVSS v3.1: 7.8, HIGH) when exploited locally. Public advisories and vendor re...
Dioxus Components security vulnerabilities
Dioxus Components is a basic component open-sourced by Dioxus Labs. Version 41e4242ecb1062d04ae42a5215363c1d9fd4e23a of Dioxus Components had a security vulnerability. This vulnerability stemmed from the useofanimatedopen function, which used the user-provided ID to format eval strings, potential...
CVE-2025-68821
A flaw was found in the Linux kernel's Filesystem in Userspace FUSE subsystem. This vulnerability allows a local attacker to cause a system-wide deadlock. The flaw occurs due to incorrect handling of inode references during readahead operations when the FUSE server does not implement the open...
CVE-1999-0322
The open function in FreeBSD allows local attackers to write to arbitrary files...
CVE-2022-50708
In the Linux kernel, the following vulnerability has been resolved: HSI: ssi_protocol: fix potential resource leak in ssip_pn_open. ssip_pn_open claims the HSI client's port with hsi_claim_port. When hsi_register_port_event gets some error and returns a negative value, the HSI client's port should be releas...
PT-2025-52938
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A resource leak was identified in the ssip_pn_open function within the SSI protocol of the Linux kernel. Specifically, the function claims an HSI client's port using hsi_claim_port. If h...
CVE-2025-68339
In the Linux kernel, the following vulnerability has been resolved: atm/fore200e: Fix possible data race in fore200e_open. Protect access to fore200e->available_cell_rate with rate_mtx lock in the error handling path of fore200e_open to prevent a data race. The field fore200e->available_cell_rate is a shar...
PT-2025-49489
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A data race exists in the hidraw open function concerning the hidraw device reference counter. This occurs because the reference counter lacks a dedicated synchronization mechanism,...
EUVD-1999-0322
Malware in sbrugna...
EUVD-2017-7325
Malware in sbrugna...
EUVD-2025-24164
Malicious code in bioql PyPI...
SUSE CVE-2022-50245
In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifo_alloc fails. If kfifo_alloc fails in mport_cdev_open, goto err_fifo and just free priv. But priv is still in the chdev->file_list, then list traversal may cause UAF. This fixes the following smatch...
The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a denial of service (floating point exception and crash) via a crafted cert8.db file.
...
OSV-2025-616 Heap-buffer-overflow in Open
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=437593508 Crash type: Heap-buffer-overflow READ 7 Crash state: Open demuxProbe vlcmoduleload...
PT-2025-18077 · Usermin · Usermin
Name of the Vulnerable Software and Affected Versions: Usermin versions 0.980 through 1.x before 1.660 Description: The issue allows remote code execution in uconfig_save.cgi due to the use of the two-argument form of Perl open, specifically in the sig_file_free function. This enables an attacker...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection through the Open function of the file lmdeploy/docs/en/conf.py. An attacker can manipulate the input to execute arbitrary code by crafting malicious input that is processed by this function. Remediation There is...
PT-2025-14771 · Unknown · Internlm Lmdeploy
Name of the Vulnerable Software and Affected Versions: InternLM LMDeploy versions up to 0.7.1 Description: A critical vulnerability was found in InternLM LMDeploy, affecting the function Open of the file lmdeploy/docs/en/conf.py. The manipulation leads to code injection, and it is possible to...
kernel: uio: Fix use-after-free in uio_open
A flaw was found in the Linux kernel’s uio subsystem. A use-after-free memory flaw in the uio_open functionality allows a local user to crash or escalate their privileges on the system...