811 matches found
CVE-2022-50753
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...
UBUNTU-CVE-2022-50753
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...
CVE-2022-50753
CVE-2022-50753 affects the Linux kernel F2FS recovery paths. Public details in connected documents show a use-after-free in recover_data due to an SSA table corruption (ofs_in_node > ADDRS_PER_PAGE) leading to out-of-bounds access during mount for a fuzzed image. The patch adds sanity checks o...
CVE-2022-50753 f2fs: fix to do sanity check on summary info
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...
CVE-2022-50753 f2fs: fix to do sanity check on summary info
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...
PT-2025-53119
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc4 Description The Linux kernel contains a flaw within the f2fs file system related to sanity checks on summary information. This issue can lead to a use-after-free condition, specifically triggered by...
GHSA-9FJM-6W64-76R7 vulnerabilities
Vulnerabilities for packages: chromium...
EUVD-2025-204382
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AmentoTech Tuturn allows Path Traversal.This issue affects Tuturn: from n/a before 3.6...
f2fs: zone: fix to avoid inconsistence in between SIT and SSA
...
Online Shopping Portal product-details.php file SQL Injection Vulnerability
Online Shopping Portal is an online store system. Online Shopping Portal suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements for the name, summary, review, quality, price, and value parameters in product-details.php. An attacker c...
📄 Fortinet FortiWeb 8.0.0 Authentication Bypass
Analysis write up of the Fortinet FortiWeb version 8.0.0 authentication bypass vulnerability that can be leveraged for remote code execution. Titles: Fortinet FortiWeb Auth-8.0.0 Bypass CVE-2025-64446 Author: nu11secur1ty Date: 11/17/2025 Vendor: https://www.fortinet.com/ Software: v8.0.0...
PHPGurukul Online Shopping Portal 安全漏洞
Online Shopping Portal is an online store system. Online Shopping Portal suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements for the name, summary, review, quality, price, and value parameters in product-details.php. An attacker c...
CVE-2024-44664
PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the name, summary, review, quality, price, and value parameters in product-details.php...
CVE-2025-64179 lakeFS: Unauthenticated access to API usage metrics
lakeFS is an open-source tool that transforms object storage into a Git-like repositories. In versions 1.69.0 and below, missing authentication in the /api/v1/usage-report/summary endpoint allows anyone to retrieve aggregate API usage counts. While no sensitive data is disclosed, the endpoint may...
CVE-2025-64179
lakeFS versions
CVE-2025-64179 lakeFS: Unauthenticated access to API usage metrics
lakeFS is an open-source tool that transforms object storage into a Git-like repositories. In versions 1.69.0 and below, missing authentication in the /api/v1/usage-report/summary endpoint allows anyone to retrieve aggregate API usage counts. While no sensitive data is disclosed, the endpoint may...
CVE-2025-64179 lakeFS: Unauthenticated access to API usage metrics
lakeFS is an open-source tool that transforms object storage into a Git-like repositories. In versions 1.69.0 and below, missing authentication in the /api/v1/usage-report/summary endpoint allows anyone to retrieve aggregate API usage counts. While no sensitive data is disclosed, the endpoint may...
curl: Hi Hacker
Hi Hacker Impact Summary:...
CVE-2024-14001
Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting XSS via the Executive Summary Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
EUVD-2024-55045
Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting XSS via the Executive Summary Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...