Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the use of strlcpy instead of strscpy by mm/pageowner...

GHSA-HW62-58PR-7WC5 DOM Expressions has a Cross-Site Scripting (XSS) vulnerability due to improper use of string.replace

!NOTE This advisory was originally emailed to [email protected] by @nsysean. To sum it up, the use of javascript's .replace opens up to potential XSS vulnerabilities with the special replacement patterns beginning with $. Particularly, when the attributes of Meta tag from solid-meta are...

DOM Expressions has a Cross-Site Scripting (XSS) vulnerability due to improper use of string.replace

!NOTE This advisory was originally emailed to [email protected] by @nsysean. To sum it up, the use of javascript's .replace opens up to potential XSS vulnerabilities with the special replacement patterns beginning with $. Particularly, when the attributes of Meta tag from solid-meta are...

openSUSE Security Advisory (SUSE-SU-2024:0444-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-22495

An improper input validation vulnerability was discovered in the NTP server configuration field of the Network-M2 card. This could result in an authenticated high privileged user having the ability to execute arbitrary commands. The vulnerability has been resolved in the version 3.0.4. Note -...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : grub2 (SUSE-SU-2025:0586-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0586-1 advisory. - CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 - CVE-2024-56737: Fixed a heap-based...

CVE-2024-13770

The Puzzles | WP Magazine / Review with Store WordPress Theme + RTL theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.2.4 via deserialization of untrusted input 'viewmoreposts' AJAX action. This makes it possible for unauthenticated attackers to...

AZL-59079 CVE-2025-21700 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: net: sched: Disallow replacing of child qdisc from one parent to another Lion Ackermann was able to create a UAF which can be abused for privilege escalation with the following script Step 1. create root qdisc tc qdisc add dev lo...

CVE-2025-21700 net: sched: Disallow replacing of child qdisc from one parent to another

In the Linux kernel, the following vulnerability has been resolved: net: sched: Disallow replacing of child qdisc from one parent to another Lion Ackermann was able to create a UAF which can be abused for privilege escalation with the following script Step 1. create root qdisc tc qdisc add dev lo...

CVE-2025-21700 net: sched: Disallow replacing of child qdisc from one parent to another

In the Linux kernel, the following vulnerability has been resolved: net: sched: Disallow replacing of child qdisc from one parent to another Lion Ackermann was able to create a UAF which can be abused for privilege escalation with the following script Step 1. create root qdisc tc qdisc add dev lo...

CVE-2025-21700

CVE-2025-21700 is a Linux kernel vulnerability in net: sched that allowed a use-after-free (UAF) scenario to escalate privileges when replacing a child qdisc from one parent to another. The provided description and demonstration show steps manipulating tc qdisc/classqdisc layout and grafting, cul...

CVE-2024-13770

The Puzzles | WP Magazine / Review with Store WordPress Theme + RTL theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.2.4 via deserialization of untrusted input 'viewmoreposts' AJAX action. This makes it possible for unauthenticated attackers to...

CVE-2024-13770 Puzzles | WP Magazine / Review with Store WordPress Theme + RTL <= 4.2.4 - Unauthenticated PHP Object Injection

The Puzzles | WP Magazine / Review with Store WordPress Theme + RTL theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.2.4 via deserialization of untrusted input 'viewmoreposts' AJAX action. This makes it possible for unauthenticated attackers to...

CVE-2024-13769 Puzzles | WP Magazine / Review with Store WordPress Theme + RTL <= 4.2.4 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting

The Puzzles | WP Magazine / Review with Store WordPress Theme + RTL theme for WordPress is vulnerable to Stored Cross-Site Scripting due to a missing capability check on the 'themeoptionsajaxpostaction' AJAX action in all versions up to, and including, 4.2.4. This makes it possible for...

PT-2025-6009 · Joplin · Joplin

Name of the Vulnerable Software and Affected Versions: Joplin versions prior to 3.2.8 Description: Joplin is a free, open source note taking and to-do application. The HTML sanitizer in Joplin allows the name attribute to be specified, which can lead to a property replacement issue. If the name...

CVE-2022-29218

RubyGems is a package registry used to supply software for the Ruby language ecosystem. An ordering mistake in the code that accepts gem uploads allowed some gems with platforms ending in numbers, like arm64-darwin-21 to be temporarily replaced in the CDN cache by a malicious package. The bug has...

CVE-2022-39062

A vulnerability has been identified in SICAM TOOLBOX II All versions V07.10. Affected applications do not properly set permissions for product folders. This could allow an authenticated attacker with low privileges to replace DLLs and conduct a privilege escalation...

CVE-2020-27228

An incorrect default permissions vulnerability exists in the installation functionality of OpenClinic GA 5.173.3. Overwriting the binary can result in privilege escalation. An attacker can replace a file to exploit this vulnerability...

CVE-2020-2500

This improper access control vulnerability in Helpdesk allows attackers to get control of QNAP Kayako service. Attackers can access the sensitive data on QNAP Kayako server with API keys. We have replaced the API key to mitigate the vulnerability, and already fixed the issue in Helpdesk 3.0.1 and...

async-http-client: AsyncHttpClient (AHC) library's `CookieStore` replaces explicitly defined `Cookie`s

A flaw was found in the AsyncHttpClient AHC library. When making any HTTP request, the automatically enabled and self-managed CookieStore will silently replace explicitly defined cookies with any that have the same name from the CookieStore. For services that operate with multiple users, this can...