Lucene search

27 matches found

CNNVD
added 2026/04/01 12:00 a.m. · 2 views

cronmaster security vulnerability

Cronmaster is a web-based Cron task management and system monitoring tool developed by fccview’s individual developers. Versions of Cronmaster prior to 2.2.0 contained security vulnerabilities. These vulnerabilities stemmed from authentication bypasses in the middleware. When session verification...

CVSS 8.3 · AI score 5.9 · EPSS 0.00307
Exploits 0 · References 2

EUVD
added 2025/12/30 3:30 p.m. · 1 view

EUVD-2023-60438

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr. When smb1 mount fails, KASAN detects slab-out-of-bounds in init_smb2_rsp_hdr like the following one. For smb1 negotiate (56 bytes), init_smb2_rsp_hdr() for smb2 is called. The issue occurs whil...

AI score 6 · EPSS 0.00021
Exploits 0 · References 5

NVD
added 2025/12/30 1:16 p.m. · 2 views

CVE-2023-54203

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr. When smb1 mount fails, KASAN detects slab-out-of-bounds in init_smb2_rsp_hdr like the following one. For smb1 negotiate (56 bytes), init_smb2_rsp_hdr() for smb2 is called. The issue occurs whil...

EPSS 0.00021
Exploits 0 · References 4

OSV
added 2025/12/30 1:16 p.m. · 1 view

UBUNTU-CVE-2023-54203

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr. When smb1 mount fails, KASAN detects slab-out-of-bounds in init_smb2_rsp_hdr like the following one. For smb1 negotiate (56 bytes), init_smb2_rsp_hdr() for smb2 is called. The issue occurs whil...

AI score 5.7 · EPSS 0.00021
Exploits 0 · References 7

UbuntuCve
added 2025/12/30 1:16 p.m. · 0 views

CVE-2023-54203

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr. When smb1 mount fails, KASAN detects slab-out-of-bounds in init_smb2_rsp_hdr like the following one. For smb1 negotiate (56 bytes), init_smb2_rsp_hdr() for smb2 is called. The issue occurs whil...

AI score 5.7 · EPSS 0.00021
Exploits 0 · References 6

OSV
added 2025/12/30 12:09 p.m. · 2 views

CVE-2023-54203 ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr. When smb1 mount fails, KASAN detects slab-out-of-bounds in init_smb2_rsp_hdr like the following one. For smb1 negotiate (56 bytes), init_smb2_rsp_hdr() for smb2 is called. The issue occurs whil...

AI score 6.4 · EPSS 0.00021
Exploits 0 · References 7

Cvelist
added 2025/12/30 12:09 p.m. · 17 views

CVE-2023-54203 ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr. When smb1 mount fails, KASAN detects slab-out-of-bounds in init_smb2_rsp_hdr like the following one. For smb1 negotiate (56 bytes), init_smb2_rsp_hdr() for smb2 is called. The issue occurs whil...

EPSS 0.00021
Exploits 0 · References 4

Positive Technologies
added 2025/12/30 12:00 a.m. · 4 views

PT-2025-54032

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.21 3 Description: The Linux kernel contains a flaw within the ksmbd module, specifically in the init_smb2_rsp_hdr function. This issue manifests as a slab-out-of-bounds write when an SMB1 mount operation fails...

AI score 6.4 · EPSS 0.00021
Exploits 0 · References 6

RedHat Linux
added 2025/12/17 7:48 a.m. · 2 views

kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL

In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL. OPDESC() simply indexes into nfsd4_ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...

CVSS 7.8 · AI score 5.7 · EPSS 0.00017
Exploits 0 · References 5

EUVD
added 2025/10/03 8:07 p.m. · 2 views

EUVD-2021-8821

Malicious code in bioql PyPI...

CVSS 8.8 · AI score 8.8 · EPSS 0.00116
Exploits 0 · References 1

EUVD
added 2025/10/03 8:07 p.m. · 3 views

EUVD-2025-21715

Malicious code in bioql PyPI...

CVSS 8.7 · AI score 6.6 · EPSS 0.00236
Exploits 0 · References 2

Positive Technologies
added 2025/07/16 12:00 a.m. · 1 view

PT-2025-29868 · Voidbot · Voidbot

Name of the Vulnerable Software and Affected Versions: VoidBot Open-Source versions 0.0.1 through 0.8.1 Description: VoidBot Open-Source is a customizable Discord bot. A flaw exists in the command handler where permission checks are not properly enforced for certain administrative commands. This...

CVSS 8.7 · AI score 6.6 · EPSS 0.00236
Exploits 0 · References 8

RedHat Linux
added 2024/03/25 8:11 p.m. · 0 views

nss: timing attack against RSA decryption

It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero. This information can be used to mount a Bleichenbacher or Manger like attack against all RSA decryption operations. As the leak happens...

CVSS 6.5 · AI score 7.1 · EPSS 0.00245
Exploits 0 · References 6

OSV
added 2023/05/04 11:15 p.m. · 12 views

CVE-2023-1894

A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations...

CVSS 5.3 · AI score 6.9 · EPSS 0.00064
Exploits 0 · References 1

UbuntuCve
added 2023/05/04 11:15 p.m. · 21 views

CVE-2023-1894

A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations...

CVSS 5.3 · AI score 6.1 · EPSS 0.00064
Exploits 0 · References 5

RedhatCVE
added 2023/05/04 10:21 a.m. · 24 views

CVE-2023-1894

A Regular Expression Denial of Service (ReDoS) issue was found in the Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations...

CVSS 5.3 · AI score 5.4 · EPSS 0.00064
Exploits 0 · References 4

NVD
added 2022/07/21 4:15 a.m. · 8 views

CVE-2022-34367

Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contains a Cross-Site Request Forgery Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to processing of unintended server operations...

CVSS 8.8 · EPSS 0.00216
Exploits 0 · References 1

OSV
added 2022/07/21 4:15 a.m. · 1 view

CVE-2022-34367

Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contains a Cross-Site Request Forgery Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to processing of unintended server operations...

CVSS 8.8 · AI score 5.8 · EPSS 0.00216
Exploits 0 · References 1

Prion
added 2022/07/21 4:15 a.m. · 14 views

Cross site request forgery (csrf)

Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contains a Cross-Site Request Forgery Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to processing of unintended server operations...

CVSS 6.8 · AI score 8.5 · EPSS 0.00216
Exploits 0 · References 1 · Affected Software 1

Hacker One
added 2022/02/28 5:57 p.m. · 13 views

Alohi: Waitlist bypass for accessing SIGN.PLUS Beta

During SIGN.PLUS beta phase, it was found out that hackers could trick the API response and pretend to have been accepted into the beta program. All server operations would be blocked, but the UI client would be accessible, exposing the work-in-progress design to non-beta users. There was no...

AI score 2.6
Exploits 0