Denial Of Service (DoS)

Apache Struts is vulnerable to Denial Of Service DoS. The vulnerability is due to a file leak in multipart request processing, where temporary files are not properly cleaned up, allowing attackers to trigger uncontrolled disk usage and exhaust server storage...

Malicious Package

Overview jsonify-errors is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVE-2025-40327 perf/core: Fix system hang caused by cpu-clock usage

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix system hang caused by cpu-clock usage cpu-clock usage by the async-profiler tool can trigger a system hang, which got bisected back to the following commit by Octavia Togami: 18dbcbfabfff "perf: Fix the POLLHUP...

EUVD-2023-60115

In the Linux kernel, the following vulnerability has been resolved: md: fix warning for holder mismatch from exportrdev Commit a1d767191096 "md: use mddev-external to select holder in exportrdev" fix the problem that 'claimrdev' is used for blkdevgetbydev while 'rdev' is used for blkdevput...

EUVD-2022-55713

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscopyfilerange If the file is used by swap, before return -EOPNOTSUPP, should free the xid, otherwise, the xid will be leaked...

CVE-2025-42873 Denial of Service (DoS) in SAPUI5 framework (Markdown-it component)

SAPUI5 and OpenUI5 packages use outdated 3rd party libraries with known security vulnerabilities. When markdown-it encounters special malformed input, it fails to terminate properly, resulting in an infinite loop. This Denial of Service via infinite loop causes high CPU usage and system...

CVE-2025-42873

SAPUI5 (and OpenUI5) packages include the markdown-it component with outdated third‑party libraries, enabling an infinite loop on specially malformed input. This DoS causes high CPU use and unresponsiveness by blocking the processing thread, with no confidentiality or integrity impact reported. N...

CVE-2023-53847

CVE-2023-53847 affects the Linux kernel usb-storage alauda subdriver. The root cause is alauda_check_media() using USB transfer data without verifying transfer success, risking uninitialized data usage; a related issue exists in alauda_get_media_status(). The fix adds a check for transfer success...

CVE-2023-53828

The CVE-2023-53828 entry describes a use-after-free in the Linux kernel Bluetooth HCI path when adding an advertising monitor. KSAN flagged the use-after-free in hci_add_adv_monitor() through a chain including msft_add_monitor_pattern(), msft_add_monitor_sync(), and msft_le_monitor_advertisement_...

DEBIAN-CVE-2022-50638

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in estreesearch caused by bad boot loader inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extentsstatus.c:203! invalid opcode: 0000 1 PREEMP...

DEBIAN-CVE-2022-50643

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscopyfilerange If the file is used by swap, before return -EOPNOTSUPP, should free the xid, otherwise, the xid will be leaked...

UBUNTU-CVE-2023-53791

In the Linux kernel, the following vulnerability has been resolved: md: fix warning for holder mismatch from exportrdev Commit a1d767191096 "md: use mddev-external to select holder in exportrdev" fix the problem that 'claimrdev' is used for blkdevgetbydev while 'rdev' is used for blkdevput...

SUSE CVE-2025-40326

In the Linux kernel, the following vulnerability has been resolved: NFSD: Define actions for the new timedeleg FATTR4 attributes NFSv4 clients won't send legitimate GETATTR requests for these new attributes because they are intended to be used only with CBGETATTR and SETATTR. But NFSD has to do...

CVE-2023-53791

CVE-2023-53791 concerns the Linux kernel's md (device-mapper/RAID) code. The issue arises from a mismatch of the holder between export_rdev() and blkdev_put() when mddev->external toggles from 0 to 1: a rdev may be used as a holder by blkdev_get_by_dev() but the corresponding release uses clai...

CVE-2022-50656

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfctarget before being used Fix a slab-out-of-bounds read that occurs in nlaput called from nfcgenlsendtarget when target-sensbreslen, which is duplicated from an nfctarget in pn533, is too large as the nfctarge...

CVE-2022-50656 nfc: pn533: Clear nfc_target before being used

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfctarget before being used Fix a slab-out-of-bounds read that occurs in nlaput called from nfcgenlsendtarget when target-sensbreslen, which is duplicated from an nfctarget in pn533, is too large as the nfctarge...

CVE-2022-50643 cifs: Fix xid leak in cifs_copy_file_range()

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscopyfilerange If the file is used by swap, before return -EOPNOTSUPP, should free the xid, otherwise, the xid will be leaked...

CVE-2022-50643

The CVE-2022-50643 issue affects the Linux kernel’s CIFS client and stems from an xid leak in cifs_copy_file_range() when the file is used by swap. The underlying bug could leave an xid allocated; the fix ensures the xid is freed before returning -EOPNOTSUPP, preventing leakage. Multiple connecte...

CVE-2022-50643 cifs: Fix xid leak in cifs_copy_file_range()

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscopyfilerange If the file is used by swap, before return -EOPNOTSUPP, should free the xid, otherwise, the xid will be leaked...

PT-2025-49719

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Bluetooth component of the Linux kernel, specifically within the hci add adv monitor function. The issue occurs when adding an advertisement monitor,...