Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from mishandling of a race condition, which could lead to system stability issues...

CVE-2024-8244

The filepath.Walk and filepath.WalkDir functions are documented as not following symbolic links, but both functions are susceptible to a TOCTOU time of check/time of use race condition where a portion of the path being walked is replaced with a symbolic link while the walk is in progress...

CVE-2025-54801

A flaw was found in github.com/gofiber/fiber/v2. The Ctx.BodyParser function fails to properly validate numeric form keys, allowing a large integer value to be interpreted as a slice index. This flaw allows a remote attacker to trigger this condition by submitting a crafted form with a sufficient...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2025-1759)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL MAIN 7.02 : avahi Multiple Vulnerabilities (NS-SA-2025-0174)

The remote NewStart CGSL host, running version MAIN 7.02, has avahi packages installed that are affected by multiple vulnerabilities: - A vulnerability was found in Avahi. A reachable assertion exists in the avahialternativehostname function. CVE-2023-38473 - A flaw was found in avahi in versions...

CVE-2025-53643

A request smuggling flaw was found in the aiohttp python library. If a pure Python version of aiohttp is installed, without the usual C extensions, for example, or if AIOHTTPNOEXTENSIONS is enabled, an attacker can execute a request smuggling attack to bypass certain firewalls or proxy protection...

Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-15520)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS version 5.1.0, which stems from a null pointer dereference in the Application Exit Reason module, and can...

CVE-2025-37977

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Disable iocc if dma-coherent property isn't set If dma-coherent property isn't set then descriptors are non-cacheable and the iocc shareability bits should be disabled. Without this UFS can end up in an...

CVE-2025-37977

The CVE-2025-37977 issue affects the Linux kernel SCSI UFS Exynos path. Root cause: when the dma-coherent property is not set, descriptors become non-cacheable and iocc shareability bits must be disabled; otherwise UFS may configure incompatibly and experience random cache-related stability issue...

CVE-2025-37977 scsi: ufs: exynos: Disable iocc if dma-coherent property isn't set

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Disable iocc if dma-coherent property isn't set If dma-coherent property isn't set then descriptors are non-cacheable and the iocc shareability bits should be disabled. Without this UFS can end up in an...

CVE-2025-37977 scsi: ufs: exynos: Disable iocc if dma-coherent property isn't set

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Disable iocc if dma-coherent property isn't set If dma-coherent property isn't set then descriptors are non-cacheable and the iocc shareability bits should be disabled. Without this UFS can end up in an...

CVE-2025-1752

A flaw was found in llama-index KnowledgeBaseWebReader. This vulnerability allows an application-level denial of service via crafting malicious input that exhausts Python's recursion limit. Mitigation Mitigation for this issue is either not available or the currently available options do not meet...

CVE-2025-32022

Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so this bug affects...

CVE-2025-30194

A flaw was found in DNSdist's DoH implementation using the nghttp2 provider. This vulnerability allows denial of service via a specially crafted DoH exchange that triggers a double-free memory error. Mitigation Mitigation for this issue is either not available or the currently available options d...

CVE-2025-3573

A flaw was found in the jquery-validation package. This vulnerability allows Cross-site scripting XSS via a user-controlled placeholder value passed to the showLabel function, which populates messages using the $.validator.messages dictionary. Mitigation Mitigation for this issue is either not...

CVE-2025-24358

gorilla/csrf provides Cross Site Request Forgery CSRF prevention middleware for Go web applications & services. Prior to 1.7.2, gorilla/csrf does not validate the Origin header against an allowlist. Its executes its validation of the Referer header for cross-origin requests only when it believes...

CVE-2025-2814

A flaw was found in Crypt::CBC. Affected versions of Perl may use the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. This issue affects operating systems where "/dev/urandom'" is unavailable. In that case, Crypt::CBC will fall...

CVE-2025-32395

A flaw was found in Vite. This vulnerability allows arbitrary file access via specially crafted HTTP requests containing a character in the request URL. The issue occurs when the server is run on Node.js or Bun and exposed to the network. Improper handling of invalid request lines allows these...

CVE-2025-29917

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decodebase64 keyword is not properly limited. Due to this, signatures using the keyword and setting can cause large memory allocations of up to 4 GiB per...

CVE-2025-3407

A flaw was found in stb. This vulnerability allows an out-of-bounds read via manipulation of the hcount or vcount arguments. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and...