19 matches found
Dell Inventory Collector Client Security Vulnerability
Dell Inventory Collector Client is a terminal asset inventory tool developed by the American company Dell. Versions of Dell Inventory Collector Client prior to version 13.8.0 contained security vulnerabilities. These vulnerabilities were caused by improper link resolution before file access, whic...
CVE-2026-32655
Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain a Least Privilege Violation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003089)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003089 advisory. Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified...
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.
...
WordPress plugin Jetpack Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
CVE-2025-32373 DNN allows a registered user to enumerate and access files they should not have access to
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. In limited configurations, registered users may be able to craft a request to enumerate/access some portal files they should not have access to. This vulnerability is fixed in 9.13.8...
PT-2025-15636 · Dnn · Dnn
Name of the Vulnerable Software and Affected Versions: DNN (formerly DotNetNuke) versions prior to 9.13.8
Description: The algorithm used to generate the captcha image in DNN (formerly DotNetNuke) shows the least complexity of the desired image, making it easily readable by OCR tools. This allows an...
Vanderbilt REDCap Security Vulnerability
REDCap is a data collection and management web application. A security vulnerability exists in Vanderbilt REDCap prior to v.13.8.0, which stems from the presence of a SQL injection vulnerability that could allow a remote attacker to gain access to sensitive information via a password reset...
SUSE CVE-2006-4434
Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of...
CVE-2022-2138
creationtimestamp | type | source
---|---|---
2022-07-22 18:19:40+00:00 | seen | https://t.me/cibsecurity/46811...
PT-2022-20449 · Sofia-Sip +4 · Sofia-Sip +4
Name of the Vulnerable Software and Affected Versions: Sofia-SIP versions prior to 1.13.8
Description: Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. An attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be...
UBUNTU-CVE-2021-38166
In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability...
UBUNTU-CVE-2021-22198
An issue has been discovered in GitLab CE/EE affecting all versions from 13.8 and above allowing an authenticated user to delete incident metric images of public projects...
GitLab Cross-Site Scripting Vulnerability
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab 13.8 and later,...
Multiple local information disclosure vulnerabilities in Linux kernel 'block/bio.c'
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. Multiple local information disclosure vulnerabilities exist in the 'bio_map_user_iov' and 'bio_unmap_user' functions of the block/bio.c file in versions of Linux kernel prior...
Linux kernel local denial of service vulnerability (CNVD-2017-33090)
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local denial of service vulnerability exists in the sound/usb/mixer.c file in versions of Linux kernel prior to 4.13.8. A local attacker can exploit this vulnerability to...
DEBIAN-CVE-2017-16527
sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device...
PT-2017-3160 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.13.8
Description: The issue is related to the usb serial console disconnect function in the Linux kernel, which can cause a denial of service (use-after-free and system crash) or possibly have unspecified other...