28891 matches found
CVE-2022-49764
In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent bpf program recursion for raw tracepoint probes We got report from sysbot 1 about warnings that were caused by bpf program attached to contentionbegin raw tracepoint triggering the same tracepoint by using...
PT-2025-18557 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A problem of alignment in the bpf prog test run skb function has been resolved. The issue occurred when the size of the user bpf program was an odd number, causing unaligned access to...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a recursive call to the bpf program, which could lead to a deadlock...
SUSE CVE-2024-58099
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3xdpxmitframe Andrew and Nikolay reported connectivity issues with Cilium's service load-balancing in case of vmxnet3. If a BPF program for native XDP adds an encapsulation header such as...
Wordfence: The World’s Leading Quality WordPress Vulnerability Intelligence Provider
On April 8th, 2024, we released our 2024 Annual WordPress Security Report, highlighting key trends and insights across the evolving landscape of WordPress security. Today, we want to shine a spotlight on Wordfence’s contributions through our Bug Bounty Program, and reaffirm our commitment to...
DEBIAN-CVE-2024-58099
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3xdpxmitframe Andrew and Nikolay reported connectivity issues with Cilium's service load-balancing in case of vmxnet3. If a BPF program for native XDP adds an encapsulation header such as...
CVE-2024-58099
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3xdpxmitframe Andrew and Nikolay reported connectivity issues with Cilium's service load-balancing in case of vmxnet3. If a BPF program for native XDP adds an encapsulation header such as...
CVE-2024-58099
The CVE-2024-58099 issue affects Linux kernel vmxnet3 when a native XDP program adds an encapsulation header (e.g., IPIP) and uses the same interface for transmission. The root cause is a fixed DMA offset in vmxnet3_xdp_xmit_frame(): tbi->dma_addr = page_pool_get_dma_addr(page) + VMXNET3_XDP_H...
CVE-2024-58099 vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3xdpxmitframe Andrew and Nikolay reported connectivity issues with Cilium's service load-balancing in case of vmxnet3. If a BPF program for native XDP adds an encapsulation header such as...
CVE-2025-3224
A vulnerability in the update process of Docker Desktop for Windows versions prior to 4.41.0 could allow a local, low-privileged attacker to escalate privileges to SYSTEM. During an update, Docker Desktop attempts to delete files and subdirectories under the path C:\ProgramData\Docker\config with...
CVE-2025-32787
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. Versions 5.02.5184 to 5.02.5187 are vulnerable to NULL dereference in DeleteIPv6DefaultRouterInRA called by StorePacket. Before dereferencing, DeleteIPv6DefaultRouterInRA does not account for ParsePacket returning NULL,...
CVE-2025-3509
A Remote Code Execution RCE vulnerability was identified in GitHub Enterprise Server that allowed attackers to execute arbitrary code by exploiting the pre-receive hook functionality, potentially leading to privilege escalation and system compromise. The vulnerability involves using dynamically...
CVE-2025-46230 WordPress Popup Builder plugin <= 1.1.35 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in GhozyLab Popup Builder easy-notify-lite allows PHP Local File Inclusion.This issue affects Popup Builder: from n/a through = 1.1.35...
CVE-2025-1056
CVE-2025-1056 affects Axis Camera Station Pro. A non-admin user can modify a specific file used by the server to create files or alter content in an admin-protected location. Axis has released a patched version; see Axis security advisory for details and remediation steps. The connected Red Hat, ...
SUSE CVE-2025-22105
In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning1: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp obj afxdpkern.o se...
Node.js Test CI Security Incident
Node.js Test CI Security Incident Update 23-April-2025 Node.js Test CI Security Incident – Full Disclosure Summary On March 21, 2025, we received a security report via HackerOne link restricted at time of writing, detailing a successful compromise of several Node.js test CI hosts. According to th...
PT-2025-17600 · Axis · Axis Camera Station Pro
Name of the Vulnerable Software and Affected Versions: AXIS Camera Station Pro affected versions not specified Description: A non-admin user can modify a specific file used by the server to create files or change the content of files in an admin-protected location. The issue was identified by...
A Sustainability Program with Regional Nuance
...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft
Video Tutorial !CVE-2025-24071 Demohttps://img.youtube.co...
naturalsheal.vn Cross Site Scripting vulnerability OBB-4047732
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...