1319 matches found
CVE-2026-39985
LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. Prior to 27.0.3 and 28.0.1, the redirect parameter upon login to LORIS was not validating the value of the redirect as being within LORIS,...
CVE-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF
CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host...
CVE-2026-4432 YITH WooCommerce Wishlist < 4.13.0 - Unauthenticated Arbitrary Wishlist Renaming via IDOR
The YITH WooCommerce Wishlist WordPress plugin before 4.13.0 does not properly validate wishlist ownership in the savetitle AJAX handler before allowing wishlist renaming operations. The function only checks for a valid nonce, which is publicly exposed in the page source of the /wishlist/ page,...
net/url: Incorrect parsing of IPv6 host literals in net/url
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...
CVE-2025-50648
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate input validation in the /tggl.asp endpoint...
CVE-2026-4631
Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...
Open Redirect
Overview Affected versions of this package are vulnerable to Open Redirect through the redirecturi parameter in multiple endpoints ForgotPassword, MagicLinkLogin, Signup, InviteMembers, OAuthLoginHandler, VerifyEmailHandler which is not validated against AllowedOrigins. An attacker can obtain...
CVE-2025-57834
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 850, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 1680, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400, and Modem 5410. The absence of proper input validation leads to a...
EUVD-2026-18762
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix memory leak in xevmmadviseioctl When checkboargsaresane validation fails, jump to the new freevmas cleanup label to properly free the allocated resources. This ensures proper cleanup in this error path. cherry picked...
CVE-2026-31390
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix memory leak in xevmmadviseioctl When checkboargsaresane validation fails, jump to the new freevmas cleanup label to properly free the allocated resources. This ensures proper cleanup in this error path. cherry picked...
UBUNTU-CVE-2026-31390
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix memory leak in xevmmadviseioctl When checkboargsaresane validation fails, jump to the new freevmas cleanup label to properly free the allocated resources. This ensures proper cleanup in this error path. cherry picked...
CVE-2026-31390
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix memory leak in xevmmadviseioctl When checkboargsaresane validation fails, jump to the new freevmas cleanup label to properly free the allocated resources. This ensures proper cleanup in this error path. cherry picked...
CVE-2026-31390 drm/xe: Fix memory leak in xe_vm_madvise_ioctl
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix memory leak in xevmmadviseioctl When checkboargsaresane validation fails, jump to the new freevmas cleanup label to properly free the allocated resources. This ensures proper cleanup in this error path. cherry picked...
CVE-2026-31390
CVE-2026-31390 affects the Linux kernel's drm/xe path, causing a memory leak in the function path used by xe_vm_madvise_ioctl when check_bo_args_are_sane() validation fails. The underlying issue was incorrect resource cleanup, now addressed by jumping to a new free_vmas cleanup label to properly ...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by a memory leak in the xevmmadviseioctl function. This vulnerability may lead to resources being not...
CVE-2026-20097
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to execute arbitrary code as the root user. This vulnerability is due to improper validation of user-supplied input to the web-based management interface. A...
net/url: Incorrect parsing of IPv6 host literals in net/url
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...
CVE-2026-23898
Joomla! Core (com_joomlaupdate) is affected by an arbitrary file deletion vulnerability due to lack of input validation in the autoupdate server mechanism. The issue is documented across multiple sources (e.g., CVE-2026-23898, JOOMLA-1031, BIT-JOOMLA-2026-23898) and is tied to Joomla core updates...
CVE-2026-23898 Joomla! Core - [20260305] - Arbitrary file deletion in com_joomlaupdate
Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism...
CVE-2026-30312
DSAI-Cline's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on string-based parsing to validate commands; while it intercepts dangerous operators such as ;, &&, ||, |, and...