CVE-2023-53081

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after failed write When buffered write fails to copy data into underlying page cache page, ocfs2writeendnolock just zeroes out and dirties the page. This can leave dirty page beyond EOF and if page...

CVE-2023-53081 ocfs2: fix data corruption after failed write

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after failed write When buffered write fails to copy data into underlying page cache page, ocfs2writeendnolock just zeroes out and dirties the page. This can leave dirty page beyond EOF and if page...

PT-2025-28134 · Git +1 · Liblouis

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The software suffers from an unknown write issue discovered through OSS-Fuzz. The crash state indicates involvement of the lou handlePassVariableAction...

CVE-2025-2574 Out-of-bounds array write in Xpdf 4.05 due to incorrect integer overflow checking

Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code...

CVE-2025-27774

Applio is a voice conversion tool. Versions 3.2.7 and prior are vulnerable to server-side request forgery SSRF and file write in modeldownload.py line 156 in 3.2.7. The blind SSRF allows for sending requests on behalf of Applio server and can be leveraged to probe for other vulnerabilities on the...

CVE-2025-27776 Applio allows SSRF and file write in model_download.py

Applio is a voice conversion tool. Versions 3.2.7 and prior are vulnerable to server-side request forgery SSRF and file write in modeldownload.py line 240 in 3.2.7. The blind SSRF allows for sending requests on behalf of Applio server and can be leveraged to probe for other vulnerabilities on the...

CVE-2025-27777 Applio allows SSRF and file write in model_download.py

Applio is a voice conversion tool. Versions 3.2.7 and prior are vulnerable to server-side request forgery SSRF in modeldownload.py line 195 in 3.2.7. The blind SSRF allows for sending requests on behalf of Applio server and can be leveraged to probe for other vulnerabilities on the server itself ...

CVE-2025-27782 Applio allows arbitrary file write in inference.py

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to arbitrary file write in inference.py. This issue may lead to writing arbitrary files on the Applio server. It can also be used in conjunction with an unsafe deserialization to achieve remote code execution. As of...

PT-2025-11977 · Applio · Applio

Name of the Vulnerable Software and Affected Versions: Applio versions 3.2.7 and prior Description: Applio is a voice conversion tool vulnerable to server-side request forgery SSRF and file write within the model download.py file line 143 in version 3.2.7. The SSRF allows sending requests on beha...

Linux Distros Unpatched Vulnerability : CVE-2022-0995

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds OOB memory write flaw was found in the Linux kernel's watchqueue event notification subsystem. This flaw can overwrite parts of the kernel stat...

Linux Distros Unpatched Vulnerability : CVE-2020-29374

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/hugememory.c. The getuserpages aka gup implementation, when used for a...

Linux Distros Unpatched Vulnerability : CVE-2017-5049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to...

PT-2025-11133 · Git +1 · Libvips

Name of the Vulnerable Software and Affected Versions: libvips affected versions not specified Description: The software contains a heap-buffer-overflow write issue occurring within the vips foreign save heif write block function, triggered during wbuffer write thread and vips threadset work...

CVE-2024-57942 netfs: Fix ceph copy to cache on write-begin

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix ceph copy to cache on write-begin At the end of netfsunlockreadfolio in which folios are marked appropriately for copying to the cache either with by being marked dirty and having their private data set or by having...

ABB Cylon Aspect 3.08.03 webServerDeviceLabelUpdate.php Denial of Service Vulnerability

ABB Cylon Aspect version 3.08.03 suffers from an authenticated arbitrary content injection vulnerability in the webServerDeviceLabelUpdate.php script due to a lack of input validation. Authenticated attackers can exploit the deviceLabel POST parameter to write arbitrary content to a fixed file...

Honor MagicOS 安全漏洞

Honor MagicOS is a mobile device operating system by Chinese company Honor Honor. A security vulnerability exists in Honor MagicOS version 8.0.0.135, which stems from a file write issue and can be successfully exploited to cause code execution...

CVE-2024-55659 SiYuan has an arbitrary file write in the host via /api/asset/upload

SiYuan is a personal knowledge management system. Prior to version 3.1.16, the /api/asset/upload endpoint in Siyuan is vulnerable to both arbitrary file write to the host and stored cross-site scripting via the file write. Version 3.1.16 contains a patch for the issue...

SUSE CVE-2023-51257

An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code...

SUSE-SU-2023:4935-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: - CVE-2023-6377: Fixed out-of-bounds memory write in XKB button actions bsc1217765...

SUSE-SU-2023:4933-1 Security update for xwayland

This update for xwayland fixes the following issues: - CVE-2023-6377: Fixed out-of-bounds memory write in XKB button actions bsc1217765...