18886 matches found

Github Security Blog
added 2025/12/01 6:30 p.m., 5 views

Apache Struts is Vulnerable to DoS via File Leak

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

CVSS 7.5, AI score 7, EPSS 0.00171
Exploits 0, References 4, Affected Software 1

EUVD
added 2025/12/01 6:30 p.m., 4 views

EUVD-2025-200019

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

CVSS 7.5, AI score 6.4, EPSS 0.00171
Exploits 0, References 3

OSV
added 2025/12/01 4:15 p.m., 2 views

CVE-2025-64775

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

CVSS 7.5, AI score 6.9
Exploits 0, References 2

Cvelist
added 2025/12/01 4:07 p.m., 7 views

CVE-2025-64775 Apache Struts: File leak in multipart request processing causes disk exhaustion (DoS)

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

EPSS 0.00171
Exploits 0, References 1

CVE
added 2025/12/01 4:07 p.m., 23 views

CVE-2025-64775

CVE-2025-64775 affects Apache Struts 2.x (2.0.0–6.7.0) and 7.0.0–7.0.3. The issue is a denial of service caused by a file leak in multipart request processing that can exhaust disk space. The available public details describe the impact as DoS and do not indicate exploitation specifics beyond the...

CVSS 7.5, AI score 6.5, EPSS 0.00171
Exploits 0, References 2, Affected Software 1

Vulnrichment
added 2025/12/01 4:07 p.m., 3 views

CVE-2025-64775 Apache Struts: File leak in multipart request processing causes disk exhaustion (DoS)

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

AI score 6.5, EPSS 0.00171
Exploits 0, References 1

EUVD
added 2025/12/01 12:30 p.m., 2 views

EUVD-2025-199983

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to expose sensitive data. This issue affects...

CVSS 5.1, AI score 6, EPSS 0.00016
Exploits 0, References 2

EUVD
added 2025/12/01 11:16 a.m., 1 view

EUVD-2025-199978

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free. The Use After Free common weakness enumeration was chosen as the stale data can include handles to resources in whi...

CVSS 5.9, AI score 6.3, EPSS 0.00018
Exploits 0, References 2

NVD
added 2025/12/01 11:15 a.m., 4 views

CVE-2025-8045

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Driver: from...

CVSS 4, EPSS 0.00005
Exploits 0, References 1

Cvelist
added 2025/12/01 10:32 a.m., 4 views

CVE-2025-6349 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Driver...

EPSS 0.00006
Exploits 0, References 1

Vulnrichment
added 2025/12/01 10:32 a.m., 2 views

CVE-2025-2879 Mali GPU Kernel Driver allows improper GPU processing operations

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to expose sensitive data. This issue affects...

AI score 6.1, EPSS 0.00016
Exploits 0, References 1

Cvelist
added 2025/12/01 10:32 a.m., 4 views

CVE-2025-2879 Mali GPU Kernel Driver allows improper GPU processing operations

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to expose sensitive data. This issue affects...

EPSS 0.00016
Exploits 0, References 1

CVE
added 2025/12/01 10:32 a.m., 8 views

CVE-2025-2879

CVE-2025-2879 affects Arm Valhall GPU Kernel Driver and Arm 5th Gen GPU Architecture Kernel Driver. A local, non-privileged user could perform improper GPU processing operations to expose sensitive data. Affected versions: Valhall: r29p0–r49p4 and r50p0–r54p0; Arm 5th Gen: r41p0–r49p4 and r50p0–r...

CVSS 5.1, AI score 6.1, EPSS 0.00016
Exploits 0, References 1, Affected Software 2

Positive Technologies
added 2025/12/01 12:00 a.m., 3 views

PT-2025-48439

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free. The Use After Free common weakness enumeration was chosen as the stale data can include handles to resources in whi...

AI score 6.8, EPSS 0.00018
Exploits 0, References 1

CNNVD
added 2025/12/01 12:00 a.m., 2 views

Apache Struts Security Vulnerability

Apache Struts is an open source project of the Apache USA Foundation, a set of open source MVC frameworks for creating enterprise Java web applications, offering two main versions of the framework product, Struts 1 and Struts 2. A security vulnerability exists in Apache Struts versions 2.0.0...

CVSS 7.5, AI score 7.7, EPSS 0.00171
Exploits 0, References 5

Microsoft CVE
added 2025/11/29 1:01 a.m., 3 views

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.

...

CVSS 5.5, AI score 7, EPSS 0.0001
Exploits 0

SUSE CVE
added 2025/11/29 12:23 a.m., 1 view

SUSE CVE-2025-66382

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time...

CVSS 4, AI score 6.8, EPSS 0.0001
Exploits 0, References 3

OSV
added 2025/11/29 12:15 a.m., 2 views

OSV-2025-955 Use-of-uninitialized-value in decoder_context::construct_reference_picture_lists

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=464323256 Crash type: Use-of-uninitialized-value Crash state: decoder_context::construct_reference_picture_lists decoder_context::process_slice_segment_header decoder_context::read_slice_NAL...

AI score 5.9
Exploits 0, References 1

CNNVD
added 2025/11/29 12:00 a.m., 2 views

Retro Cross-Site Scripting Vulnerability

Retro is an online platform for displaying vintage style items by the individual developer Lakshmi Pavananjali. A cross-site scripting vulnerability exists in Retro versions prior to 2.4.7, which stems from the input processing component being susceptible to cross-site scripting attacks...

CVSS 6.1, AI score 6, EPSS 0.00024
Exploits 0, References 1

RedhatCVE
added 2025/11/28 8:46 a.m., 2 views

CVE-2025-66382

A flaw was found in libexpat. This vulnerability allows a denial of service (DoS) by processing a crafted file with an approximate size of 2 MiB, leading to dozens of seconds of processing time...

CVSS 5.5, AI score 6.3, EPSS 0.0001
Exploits 0, References 4