Rizin 资源管理错误漏洞

Rizin is a free, open-source reverse-engineering framework developed by the Rizin organization. It is used for analyzing binary files, disassembling code, debugging programs, as a forensics tool, and as a command-line hexadecimal editor capable of opening disk files. Rizin has a resource manageme...

EUVD-2026-25871

authd: Primary group ID is incorrectly set to value of UID...

ALPINE-CVE-2025-32988

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...

CVE-2025-32988

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...

Linux Distros Unpatched Vulnerability : CVE-2024-27418

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: mctp: take ownership of skb in mctplocaloutput Currently, mctplocaloutput only takes ownership of skb on success, and we may leak an skb if mctplocaloutput...

Enel X Waybox 安全漏洞

The Enel X Waybox is a home charging station from Enel X, Inc. A security vulnerability exists in version 3.0 of the Enel X Waybox that stems from incorrect file ownership of the Privileged Services Library, which results in an attacker would be able to execute arbitrary operating system commands...

Puppet Security Vulnerabilities

Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs in the United States, which can be used to manage configuration files, users, cron tasks, packages, system services, and so on. A security vulnerability exists in Puppet versions prior to...

DEBIAN-CVE-2023-6207

Ownership mismanagement led to a use-after-free in ReadableByteStreams This vulnerability affects Firefox 120, Firefox ESR 115.5.0, and Thunderbird 115.5...

netless Agora Flat Server 安全漏洞

The netless Agora Flat Server is a Node.js server for the Agora Flat open source classroom. A security vulnerability exists in netless Agora Flat Server, which stems from the remove API handling file ownership error in v1/controller/cloudStorage/alibabaCloud/remove/index.ts...

dovecot security update

CentOS Errata and Security Advisory CESA-2013:0520 Updated dovecot packages that fix three security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS...