358 matches found
IBM Jazz for Service Management Security Vulnerability
IBM Jazz for Service Management is an integrated service management product from International Business Machines (IBM) that provides visibility into the service management environment. A security vulnerability exists in IBM Jazz for Service Management versions 1.1.3.0 through 1.1.3.24, which stems...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unset do_set_mode callback, which could lead to a null pointer dereference...
Malicious code in test-mlw2-touts-unset (npm)
The package test-mlw2-touts-unset was found to contain malicious code...
MAL-2025-36482 Malicious code in test-mlw2-touts-unset (npm)
The package test-mlw2-touts-unset was found to contain malicious code...
VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify
...
SUSE CVE-2024-45795
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during traffic parsing, leading to denial of service...
SUSE CVE-2025-38102
In the Linux kernel, the following vulnerability has been resolved: VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify. During our test, it is found that a warning can be triggered in try_grab_folio as follows: ------------ cut here ------------ WARNING: CPU: 0 PID: 1678 at mm/gup.c:147...
IBM Datacap Security Vulnerability
IBM Datacap is a document capture and processing software from International Business Machines (IBM) that captures data from various sources (e.g., scanner, email, fax, etc.) in paper or electronic documents and converts them into editable and searchable digital formats, which are widely used in...
CVE-2025-52560
Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard allows password reset emails to be sent with URLs derived from the unvalidated Host header when the application_url configuration is unset (default behavior). This allows an attacker to...
DEBIAN-CVE-2022-50067
In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate(). In btrfs_relocate_block_group(), the rc is allocated. Then btrfs_relocate_block_group() calls relocate_block_group() prepare_to_relocate() set_reloc_control() that assigns rc ...
UBUNTU-CVE-2022-50067
In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate(). In btrfs_relocate_block_group(), the rc is allocated. Then btrfs_relocate_block_group() calls relocate_block_group() prepare_to_relocate() set_reloc_control() that assigns rc ...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unset timeout flag, which could lead to an infinite loop...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to unset link speed. It isn’t guaranteed that NETWORK_INTERFACE_INFO::LinkSpeed will always be set by the server. Therefore, the client must handle any possible values and prevent such oopses from occurring...
CVE-2024-29198 GeoServer Vulnerable to Unauthenticated SSRF via TestWfsPost
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. It is possible to achieve Server-Side Request Forgery (SSRF) via the Demo request endpoint if Proxy Base URL has not been set. Upgrading to GeoServer 2.24.4, or 2.25.2, removes the...
PT-2025-27689
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-rc5. Description: A race condition exists between vmci_host_setup_notify and vmci_ctx_unset_notify in the Linux kernel. This issue can trigger a warning in try_grab_folio due to a page being freed while...
Ensure That the LD_LIBRARY_PATH Environment Variable Is Correctly Defined
LD_LIBRARY_PATH is an environment variable in Linux. When loading a dynamic link library, the program preferentially obtains the library from the path specified by LD_LIBRARY_PATH. Generally, LD_LIBRARY_PATH should not be set, because a maliciously set value will make the program link to an incorrect...
PT-2025-14567 · Unknown · Concrete Cms
Name of the Vulnerable Software and Affected Versions: Concrete CMS versions 9 and earlier than 9.4.0RC2; Concrete CMS versions earlier than 8.5.20. Description: The issue concerns Concrete CMS's Address attribute, where addresses are not properly sanitized in the output when a country is not...
DEBIAN-CVE-2025-21890
In the Linux kernel, the following vulnerability has been resolved: idpf: fix checksums set in idpf_rx_rsc(). idpf_rx_rsc() uses skb_transport_offset(skb) while the transport header is not set yet. This triggers the following warning for CONFIG_DEBUG_NET=y builds. DEBUG_NET_WARN_ON_ONCE(!skb_transport_header_was_set(skb))...
Aim Security Vulnerability
Aim is an easy-to-use and high-performance open source experiment tracker from Aim Open Source USA. A security vulnerability exists in Aim version 3.25.0 that stems from an unset timeout and could lead to a denial of service attack...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a use-after-free vulnerability that stems from an unset device release function. An attacker could...