56 matches found
CVE-2025-8965
A vulnerability has been found in linlinjava litemall up to 1.8.0. This vulnerability affects the function create of the file litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java of the component Endpoint. The manipulation of the argument File leads to...
CVE-2025-8965 linlinjava litemall Endpoint AdminStorageController.java create unrestricted upload
A vulnerability has been found in linlinjava litemall up to 1.8.0. This vulnerability affects the function create of the file litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java of the component Endpoint. The manipulation of the argument File leads to...
litemall 代码问题漏洞
litemall is a small mall system for linlinjava individual developers. A code issue vulnerability exists in litemall 1.8.0 and earlier versions, which stems from an incorrect operation of the File parameter File in the file...
SUSE CVE-2022-50030
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input Malformed user input to debugfs results in buffer overflow crashes. Adapt input string lengths to fit within internal buffers, leaving space for NUL...
CVE-2025-3410
A vulnerability classified as critical was found in mymagicpower AIAS 20250308. This vulnerability affects unknown code of the file trainingplatform/train-platform/src/main/java/top/aias/training/controller/LocalStorageController.java. The manipulation of the argument File leads to unrestricted...
CVE-2024-22273
The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or execute code on the hypervisor from a...
CLSA-2024-1723495305 Fix of 19 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from setmemoryro into account with bpfproglockro CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2logflush CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent...
Medium: kernel
Issue Overview: A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. CVE-2023-20588 In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix possible memory leak if deviceadd fails CVE-2023-53174 I...
Broadcom RAID Controller Security Vulnerability
The Broadcom RAID Controller is a series of RAID controllers from Broadcom USA. A security vulnerability exists in the Broadcom RAID Controller that stems from a vulnerability that allows an attacker to exploit session printing in log files for elevation of privilege...
Broadcom RAID Controller Security Vulnerability
The Broadcom RAID Controller is a series of RAID controllers from Broadcom Corporation USA. A security vulnerability exists in the Broadcom RAID Controller, which stems from a session mismanagement issue in the web interface's Gateway installation feature, which makes the product susceptible to...
USN-5728-3: Linux kernel (GCP) vulnerabilities
Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...
USN-5727-2 linux-gcp, linux-gcp-4.15 vulnerabilities
It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service system crash. CVE-2022-20422 It was discovered that the KVM implementation in the Linux kernel did not properly handl...
USN-5729-1: Linux kernel vulnerabilities
It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service system crash. CVE-2022-20422 Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an...
USN-5727-1 linux, linux-aws, linux-aws-hwe, linux-dell300x, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service system crash. CVE-2022-20422 It was discovered that the KVM implementation in the Linux kernel did not properly handl...
USN-5693-1 linux-oem-5.17 vulnerabilities
David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the iouring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-2602...
More data flow occupies by PVS server after NAS server failover
To improve NAS server high availability,NAS storage controllers are created as failover group to provide fault tolerance for hardware issues and maintenance tasks. Sometimes, if one NAS storage controller needs to shutdown for maintenance or corrupted due tohardwarefailure, it will failover to...
Linux kernel 信息泄露漏洞
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. The Linux kernel suffers from an information disclosure vulnerability that originates from a kernel information disclosure in the scsiioctl function in drivers/scsi/scsiioctl.c. The vulnerability can be...
DEBIAN-CVE-2018-16847
An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvmecmbops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU...
Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service (PoC)
Exploit Title: Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service PoC Discovery by: Jose Eduardo Castro Discovery Date: 2018-09-14 Vendor Homepage: https://www.virtualbox.org/ Software Link:...
Oracle VirtualBox Manager 5.2.18 r124319 - Name Attribute Denial of Service (PoC)
Oracle VirtualBox Manager 5.2.18 r124319 - Name Attribute Denial of Service PoC Exploit Title: Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service PoC Discovery by: Jose Eduardo Castro Discovery Date: 2018-09-14 Vendor Homepage: https://www.virtualbox.org/ Software Link:...