Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: Fix to correctly check the readonly condition. In the following case, it is possible to mount a multi-device image with the rw option. However, if one of the secondary devices is set as ro, subsequent updates will cause a...

RUSTSEC-2026-0127 Integer overflow in `array::ReadWrite::new()` leading to potential memory corruption

In array::ReadWrite::new line 83 of accessor/src/array.rs, let bytes = mem::sizeof:: len can overflow usize when len is very large. In release mode, this silently wraps, potentially making bytes = 0. The mapper then maps with 0 bytes, and subsequent accesses e.g. readvolatileat lead to undefined...

Integer overflow in `array::ReadWrite::new()` leading to potential memory corruption

In array::ReadWrite::new line 83 of accessor/src/array.rs, let bytes = mem::sizeof:: len can overflow usize when len is very large. In release mode, this silently wraps, potentially making bytes = 0. The mapper then maps with 0 bytes, and subsequent accesses e.g. readvolatileat lead to undefined...

📄 WatchGuard Firebox Default SSH Credentials

This is a python script to detect whether or not WatchGuard Firebox devices allow unauthorized access via default credentials admin:readwrite on port 4118. =============================================================================================================================================...

CVE-2025-55174

A flaw was found in Skanpage. This vulnerability allows an attacker to partially overwrite files, resulting in a file containing new content followed by partial old content, due to incorrect use of QIODevice::ReadWrite instead of QODevice::WriteOnly...

CVE-2025-55174

In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly...

UBUNTU-CVE-2025-55174

In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly...

CVE-2025-55174

In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly...

KDE Applications 安全漏洞

KDE Applications is an open source software suite from the KDE community that provides over 200 applications that run on any Linux desktop as well as other platforms. A security vulnerability exists in KDE Applications versions prior to 25.08.0, which stems from the use of QIODevice::ReadWrite ma...

EUVD-2025-199713

In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly...

PT-2025-48127

In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly...

CVE-2025-59396

Rejected reason: Not a security vulnerability...

CVE-2025-59396

CVE-2025-59396 is associated with a default-configuration vulnerability in WatchGuard Firebox devices. The exposed detail from connected documents shows that the default SSH port 4118 permits administrative access using the default admin:readwrite credentials, enabling unauthenticated remote cont...

CVE-2025-59396

...

CVE-2025-59396

...

Linux Distros Unpatched Vulnerability : CVE-2023-53243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: btrfs: add handling for RAID1C23/DUP to btrfsreduceallocprofile Callers of...

DLL Hijacking Vulnerability in ReadWriteWriter PC for Windows

ReadWrite PC is a multifunctional synchronization tool for PC of smart office book launched by ReadWrite Technology, a subsidiary of KDDI. A DLL hijacking vulnerability exists in ReadWrite PC for Windows, which can be exploited by attackers to execute malicious code...

Microsoft DirectWrite AFDKO - Heap-Based Out-of-Bounds ReadWrite in OpenType Font Handling Due to Unbounded iFD

Microsoft DirectWrite AFDKO - Heap-Based Out-of-Bounds ReadWrite in OpenType Font Handling Due to Unbounded iFD -----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font...

Microsoft DirectWrite AFDKO - Heap-Based Out-of-Bounds ReadWrite in OpenType Font Handling Due to Empty ROS Strings

Microsoft DirectWrite AFDKO - Heap-Based Out-of-Bounds ReadWrite in OpenType Font Handling Due to Empty ROS Strings -----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font...

WebKit JSC - JSArray::shiftCountWithArrayStorage Out-of-Bounds ReadWrite

WebKit JSC - JSArray::shiftCountWithArrayStorage Out-of-Bounds ReadWrite / bool JSArray::shiftCountWithArrayStorageVM& vm, unsigned startIndex, unsigned count, ArrayStorage storage unsigned oldLength = storage-length; RELEASEASSERTcount hasHoles && this-structurevm-holesMustForwardToPrototypevm,...