11134 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the raw s8 field instead of a calculated variable in the cgwcsumcrc8rel function withi...
Kirby 安全漏洞
Kirby is a set of open-source content management systems based on files. Versions prior to Kirby 4.9.0 and 5.4.0 have security vulnerabilities. These vulnerabilities stem from improper handling of CDATA blocks by the Xml::value method, which may allow structured data outside of valid CDATA blocks...
OP-TEE Trusted OS 缓冲区错误漏洞
OP-TEE Trusted OS is an implementation of the OP-TEE open-source project, which creates an open-source Trusted Execution Environment TEE that utilizes Arm TrustZone technology. In versions 3.13.0 to 4.10.0 of OP-TEE Trusted OS, there is a buffer error vulnerability. This vulnerability stems from ...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect return value of the lookupextentdataref function in btrfs, potentially causing damag...
PT-2026-34869
A client holding only a read JWT scope can still register itself as a signal provider through the production kuksa.val.v2 OpenProviderStream API by sending ProvideSignalRequest. 1. Obtain any valid token with only read scope. 2. Connect to the normal production gRPC API kuksa.val.v2. 3. Open...
PT-2026-34971
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA fireworks component where the system fails to properly validate the status field in an EFW response. This field is a 32-bit value supplied by the firewire...
GHSA-9WFJ-C55W-J9QR Kirby has XML injection in its XML creator toolkit
TL;DR This vulnerability only affects Kirby sites that use the Xml data handler e.g. Data::encode$string, 'xml' or the Xml::create, Xml::tag or Xml::value methods in site or plugin code. The Kirby core does not use any of the affected methods. If consumers use an affected method and cannot rule o...
SUSE CVE-2026-31470
In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length Validate host controlled value quotebuf-outlen that determines how many bytes of the quote are copied out to guest userspace. In TDX environments with remote...
SUSE CVE-2026-33602
A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service...
PT-2026-34815
Name of the Vulnerable Software and Affected Versions Kirby versions prior to 4.9.0 Kirby versions prior to 5.4.0 Description The Xml::value method in Kirby contains a flaw in how it handles blocks. While the method is designed to allow valid CDATA to pass through without being escaped a second...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libexif (UTSA-2026-014285)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014285 advisory. libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten du...
EUVD-2026-25079
http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...
CVE-2026-41175 Statamic: Unsafe method invocation via query value resolution allows data destruction
Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.20 and 6.13.0, manipulating query parameters on Control Panel and REST API endpoints, or arguments in GraphQL queries, could result in the loss of content, assets, and user accounts. The Control Panel...
CVE-2026-41175 Statamic: Unsafe method invocation via query value resolution allows data destruction
Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.20 and 6.13.0, manipulating query parameters on Control Panel and REST API endpoints, or arguments in GraphQL queries, could result in the loss of content, assets, and user accounts. The Control Panel...
CVE-2026-41168
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large /Size values or object streams with wrong large /N values. This ha...
DEBIAN-CVE-2026-6019
http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...
CVE-2026-6019
http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...
CVE-2026-6019 BaseCookie.js_output() does not neutralize embedded characters
http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...
CVE-2026-6019 BaseCookie.js_output() does not neutralize embedded characters
http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...
CVE-2026-6019
http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...