114 matches found
CVE-2025-71160
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid chain re-validation if possible Hamza Mahfooz reports cpu soft lock-ups in nftchainvalidate: watchdog: BUG: soft lockup - CPU1 stuck for 27s! iptables-nft-re:37547 .. RIP: 0010:nftchainvalidate+0xcb/0x1...
CVE-2025-71160
CVE-2025-71160 relates to the Linux kernel netfilter nf_tables chain validation. The vulnerability arises from the validator traversing the entire chain graph (base chains and chain jumps), which can trigger CPU soft lockups in nft_chain_validate under certain input paths. The change described ai...
CVE-2025-71160 netfilter: nf_tables: avoid chain re-validation if possible
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid chain re-validation if possible Hamza Mahfooz reports cpu soft lock-ups in nftchainvalidate: watchdog: BUG: soft lockup - CPU1 stuck for 27s! iptables-nft-re:37547 .. RIP: 0010:nftchainvalidate+0xcb/0x1...
CVE-2025-71160
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid chain re-validation if possible Hamza Mahfooz reports cpu soft lock-ups in nftchainvalidate: watchdog: BUG: soft lockup - CPU1 stuck for 27s! iptables-nft-re:37547 .. RIP: 0010:nftchainvalidate+0xcb/0x1...
GHSA-2VGV-HGV4-22MH Gitea improperly exposes issue and pull request titles
Gitea's notification API does not re-validate repository access permissions when returning notification details. After a user's access to a private repository is revoked, they may still view issue and pull request titles through previously received notifications...
Gitea improperly exposes issue titles and repository names through previously started stopwatches
Gitea's stopwatch API does not re-validate repository access permissions. After a user's access to a private repository is revoked, they may still view issue titles and repository names through previously started stopwatches...
CVE-2026-20883
Gitea's stopwatch API does not re-validate repository access permissions. After a user's access to a private repository is revoked, they may still view issue titles and repository names through previously started stopwatches...
PT-2026-26099
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the XFS file system related to the revalidation of two btrees during file system repair. Specifically, the issue arises when rebuilding both the...
TencentOS Server 4: frr (TSSA-2025:0329)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0329 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Unvalidated Trust: Cross-Stage Vulnerabilities in Large Language Model Architectures
As Large Language Models LLMs are increasingly integrated into automated, multi-stage pipelines, risk patterns that arise from unvalidated trust between processing stages become a practical concern. This paper presents a mechanism-centered taxonomy of 41 recurring risk patterns in commercial LLMs...
EUVD-2007-0072
Malware in sbrugna...
EUVD-2020-23703
Malware in sbrugna...
EUVD-2018-8302
Malware in sbrugna...
SUSE SLES15: frr / frr-devel / libfrr0 / libfrr_pb0 / libfrrcares0 / etc (SUSE-SU-2025:03453-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03453-1 advisory. - CVE-2024-55553: excessive resource consumption may lead to denial of service due to repeated RIB revalidation when processi...
Security update for frr
This update for frr fixes the following issues: CVE-2024-55553: excessive resource consumption may lead to denial of service due to repeated RIB revalidation when processing several RPKI updates bsc1235237. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
SUSE-SU-2025:03297-1 Security update for frr
This update for frr fixes the following issues: - CVE-2024-55553: excessive resource consumption may lead to denial of service due to repeated RIB revalidation when processing several RPKI updates bsc1235237...
Security update for frr
This update for frr fixes the following issues: CVE-2024-55553: excessive resource consumption may lead to denial of service due to repeated RIB revalidation when processing several RPKI updates bsc1235237. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
In FRRouting (FRR) all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size
...
CE Phoenix Cart 访问控制错误漏洞
CE Phoenix Cart is a free, open source e-commerce shopping cart software from CE Phoenix Cart Open Source. An access control error vulnerability exists in CE Phoenix Cart versions prior to 1.0.9.7 through 1.1.0.3, which stems from a lack of password revalidation when deleting an account, which...
CVE-2020-36125
Pax Technology PAXSTORE v7.0.820200511171508 and lower is affected by incorrect access control where password revalidation in sensitive operations can be bypassed remotely by an authenticated attacker through requesting the endpoint directly...