CVE-2025-29946

Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory...

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab EE versions 18.1 through 18.3 prior ...

EUVD-2024-1178

Malicious code in bioql PyPI...

CVE-2025-0011

CVE-2025-0011 concerns AMD Crash Defender. The issue is improper removal of sensitive information before storage or transfer, potentially revealing kernel address information and harming confidentiality. The CVE is rated CVSS v3.1 with a base score of 3.3 (LOW); attack vector LOCAL, required priv...

Apple macOS和Apple iPadOS 安全漏洞

Apple macOS and Apple iPadOS are products of Apple Inc. Apple macOS is a specialized operating system developed for Mac computers, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple macOS and Apple iPadOS that stems from insufficient removal of...

AZL-35077 CVE-2023-5992 affecting package opensc for versions less than 0.25.1-3

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

kernel: drm/mipi-dsi: Detach devices when removing the host

A resource leak flaw was found in the Linux kernel's MIPI-DSI host driver in the device removal logic. A local user can trigger this issue by unregistering a MIPI-DSI host, causing the cleanup code to unregister all attached devices without first detaching them. This prevents the host from...

CVE-2022-4173

A vulnerability within the malware removal functionality of Avast and AVG Antivirus allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. The issue was fixed with Avast and AVG Antivirus version 22.10...

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...

ProjectWorlds Online Shopping System 跨站请求伪造漏洞

Projectworlds Online Shopping System is an online shopping system from the Austrian company Projectworlds.A security vulnerability exists in Projectworlds Online Shopping System PHP, which stems from a CSRF vulnerability in ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in...

CVE-2020-3844

This issue was addressed with improved checks. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Users removed from an iMessage conversation may still be able to alter state...