CVE-2026-41079

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend that causes an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory i...

EUVD-2026-2855

Calling getnetbyaddr or getnetbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver...

CVE-2023-6606 Kernel: out-of-bounds read vulnerability in smbcalcsize

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...

CVE-2023-43503

A vulnerability has been identified in COMOS All versions V10.4.4. Caching system in the affected application leaks sensitive information such as user and project information in cleartext via UDP...

CVE-2023-25750

Under certain circumstances, a ServiceWorker's offline cache may have leaked to the file system when using private browsing mode. This vulnerability affects Firefox 111...

USN-5926-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. CVE-2021-4155 Lee Jones discovered that a use-after-free vulnerabilit...

kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL

A data leak flaw was found in the way XFSIOCALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them...

Brave Android 1.20.108 Security Fixes

Fixed ISP DNS leak when shields are enabled. Upgraded Chromium to 88.0.4324.182 — refer to Google Chrome advisories for inherited CVEs...

PHP process_nested_data 函数释放后重用漏洞

A while ago the function "processnesteddata" was changed to better handle object properties. Before it was possible to create numeric object properties which would cause trouble down the road. So the following code was added: if !objprops ... else / object properties should include no integers /...

强智综合教务系统后台上传漏洞，可沦陷服务器

简要描述： 后台上传获取webshell 通过搜索获得Oracle数据库管理权限 修改成绩 详细说明： http://www.qzdatasoft.com:8088/qznjw/ewebeditor/admin/ 默认账号密码admin 直接上传webshell 获取root权限 （ewebeditor后台授权漏洞修补 目前无法使用ewebeditor后台进行上传） 搜索 oracle.jdbc.driver.OracleDriver 可以获取Oracle数据库账号密码 通过官方PDF文档知晓 成绩保存在CJ0708 补考保存在CJ0708BK 通过近期对服务器信息收集发现...

CVE-2004-0133

The XFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the XFS file system, which allows local users to obtain sensitive information by reading the raw device...