
18798 matches found

OSV
added 2025/12/10 12:31 p.m., 10 views

GHSA-RG58-XHH7-MQJW Apache Struts has a Denial of Service vulnerability

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

CVSS 8.2, AI score 6.9, EPSS 0.00201
Exploits 0, References 5

GitHub Security Blog
added 2025/12/10 12:31 p.m., 10 views

Apache Struts has a Denial of Service vulnerability

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

CVSS 8.2, AI score 7, EPSS 0.00201
Exploits 0, References 5, Affected Software 1

OSV
added 2025/12/10 10:16 a.m., 3 views

CVE-2025-66675

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue. It's related...

CVSS 8.2, AI score 6.8, EPSS 0.00171
Exploits 0, References 2

NVD
added 2025/12/10 10:16 a.m., 3 views

CVE-2025-66675

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue. It's related...

CVSS 8.2, EPSS 0.00201
Exploits 0, References 2

Cvelist
added 2025/12/10 9:32 a.m., 28 views

CVE-2025-66675 Apache Struts: File leak in multipart request processing causes disk exhaustion (DoS) - version ranges fixed

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue. It's related...

EPSS 0.00201
Exploits 0, References 2

CVE
added 2025/12/10 9:32 a.m., 16 views

CVE-2025-66675

The CVE-2025-66675 issue is an Apache Struts Denial of Service vulnerability caused by a file leak during multipart request processing, which can lead to disk exhaustion. Affected versions are Struts 2.0.0–6.7.4 and 7.0.0–7.0.3. The documented remediation is to upgrade to Struts 6.8.0 or 7.1.1, w...

CVSS 8.2, AI score 6.5, EPSS 0.00201
Exploits 0, References 2, Affected Software 1

Vulnrichment
added 2025/12/10 9:32 a.m., 1 view

CVE-2025-66675 Apache Struts: File leak in multipart request processing causes disk exhaustion (DoS) - version ranges fixed

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue. It's related...

AI score 6.5, EPSS 0.00201
Exploits 0, References 2

Fedora
added 2025/12/10 12:48 a.m., 6 views

[SECURITY] Fedora 42 Update: imhex-1.37.4-3.fc42

ImHex is a Hex Editor, a tool to display, decode and analyze binary data to reverse engineer their format, extract information or patch values in them. What makes ImHex special is that it has many advanced features that can often only be found in paid applications. Such features are a completely...

CVSS 6.5, AI score 6.9, EPSS 0.00299
Exploits 6

Positive Technologies
added 2025/12/10 12:00 a.m., 3 views

PT-2025-50317

Name of the Vulnerable Software and Affected Versions: Apache Struts versions 2.0.0 through 6.7.4; Apache Struts versions 7.0.0 through 7.0.3. Description: A denial of service issue exists in Apache Struts due to a file leak during multipart request processing, which can lead to disk exhaustion...

CVSS 8.2, AI score 7.9, EPSS 0.00201
Exploits 0, References 10

FreeBSD
added 2025/12/10 12:00 a.m., 6 views

Gitlab -- vulnerabilities

Gitlab reports: Cross-site scripting issue in Wiki impacts GitLab CE/EE; Improper encoding in vulnerability reports impacts GitLab CE/EE; Cross-site scripting issue in Swagger UI impacts GitLab CE/EE; Denial of service issue in GraphQL endpoints impacts GitLab CE/EE; Authentication bypass issue for...

CVSS 8.7, AI score 6.9, EPSS 0.00106
Exploits 0, References 1

Tenable Nessus
added 2025/12/10 12:00 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2023-53831

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: read sk->sk_family once in sk_mc_loop() syzbot is playing with IPV6_ADDRFORM quite a lot these days, and managed to hit the WARN_ON_ONCE(1) in sk_mc_loop() We have many...

AI score 6.1, EPSS 0.0004
Exploits 0, References 3

Positive Technologies
added 2025/12/10 12:00 a.m., 2 views

PT-2025-50551

Name of the Vulnerable Software and Affected Versions: ImageMagick versions 7.1.2-9 and prior. Description: ImageMagick is a software suite used for image creation, editing, composition, and conversion. A critical integer overflow exists in the TIM PSX TIM image parser's ReadTIMImage function...

CVSS 7.8, AI score 7, EPSS 0.00106
Exploits 3, References 54

CNNVD
added 2025/12/10 12:00 a.m., 2 views

ImageMagick Buffer Error Vulnerability

ImageMagick is a suite of open source image processing software from ImageMagick Open Source. It can read, convert or write images in many formats. A buffer error vulnerability exists in ImageMagick 7.1.2-9 and earlier versions, which stems from an integer overflow that could result in an...

CVSS 7.5, AI score 6.7, EPSS 0.00047
Exploits 0, References 4

EUVD
added 2025/12/09 6:30 p.m., 4 views

EUVD-2023-60174

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Ignore frags from uninitialized peer in dp. When max virtual ap interfaces are configured in all the bands with ACS and hostapd restart is done every 60s, a crash is observed at random times. In this certain scenari...

AI score 5.9, EPSS 0.00024
Exploits 0, References 4

NVD
added 2025/12/09 4:17 p.m., 3 views

CVE-2025-40336

In the Linux kernel, the following vulnerability has been resolved: drm/gpusvm: fix hmm_pfn_to_map_order() usage. Handle the case where the hmm range partially covers a huge page like 2M, otherwise we can potentially end up doing something nasty like mapping memory which is outside the range, and maybe...

EPSS 0.00026
Exploits 0, References 2

OSV
added 2025/12/09 4:17 p.m., 3 views

DEBIAN-CVE-2023-53822

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Ignore frags from uninitialized peer in dp. When max virtual ap interfaces are configured in all the bands with ACS and hostapd restart is done every 60s, a crash is observed at random times. In this certain scenari...

AI score 5.2, EPSS 0.00024
Exploits 0, References 1

NVD
added 2025/12/09 4:17 p.m., 2 views

CVE-2023-53822

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Ignore frags from uninitialized peer in dp. When max virtual ap interfaces are configured in all the bands with ACS and hostapd restart is done every 60s, a crash is observed at random times. In this certain scenari...

EPSS 0.00024
Exploits 0, References 3

CVE
added 2025/12/09 4:09 a.m., 12 views

CVE-2025-40329

The CVE-2025-40329 entry documents a deadlock in the Linux kernel’s DRM scheduler, specifically in drm_sched_entity_kill_jobs_cb. The issue arises when a fence callback (executed in interrupt context) tries to acquire dma_fence/additional locks while another CPU holds xa_lock, creating a potentia...

AI score 6.3, EPSS 0.00036
Exploits 0, References 4

OSV
added 2025/12/09 2:03 a.m., 2 views

CVE-2025-66568 ruby-saml Libxml2 Canonicalization errors can bypass Digest/Signature validation

The ruby-saml library implements the client side of an SAML authorization. Versions up to and including 1.12.4, are vulnerable to authentication bypass through the libxml2 canonicalization process used by Nokogiri for document transformation, which allows an attacker to execute a Signature Wrappi...

CVSS 9.3, AI score 7.1, EPSS 0.00048
Exploits 0, References 4

OSV
added 2025/12/09 1:29 a.m., 4 views

CVE-2023-53822 wifi: ath11k: Ignore frags from uninitialized peer in dp.

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Ignore frags from uninitialized peer in dp. When max virtual ap interfaces are configured in all the bands with ACS and hostapd restart is done every 60s, a crash is observed at random times. In this certain scenari...

AI score 6.3, EPSS 0.00024
Exploits 0, References 6