195539 matches found
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from unhandled UDP LibiLibinitSock failed operations, leading to a null pointer derefrence...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to call ofnodeput to release device node references in the nct7363presentpwmfanin...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from skipping the dev-iotlb refresh for inaccessible PCIe devices in non-extensible mode, potentially...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the iris driver’s behavior when creating internal buffers: it first adds buffers to a list before...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the iris gen1 driver failing to destroy the internal buffer after it is released by the firmware,...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of suppression of the sysfs binding attributes in the reset gpio process. This...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the SMU to handle null pointers when DRM and PM are disabled. This could lead to a null...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an outdated check in the cpuidle driver within the ACPI processor driver. This vulnerability may lead t...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect update of isize when logging replay is performed. This issue may lead to inode with...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the function vc4savehangstate not releasing kernelstate during the early return path, resulting i...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mcp23s08 chip not disabling all pin interrupts during detection. This could lead to interrupts bein...
Apache Wicket 授权问题漏洞
Apache Wicket is an open-source, lightweight, component-based framework developed by the Apache Foundation in the United States. It provides an object-oriented approach for developing web-based dynamic UI applications. Versions of Apache Wicket from 8.0.0 to 8.17.0, 9.0.0, and 10.0.0 to 10.8.0...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the wave5 driver’s automatic suspension mode that enters a suspended state due to an excessive...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of card disconnection checkpoints added to the ALSA OSS mixer layer. This vulnerability...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the situation where, when CONFIGBRIDGEVLANFILTERING is not set, brvlangroup returns NULL, leading...
Apache Wicket 信息泄露漏洞
Apache Wicket is an open-source, lightweight, component-based framework developed by the Apache Foundation in the United States. It provides an object-oriented approach for developing web-based dynamic UI applications. Versions of Apache Wicket from 8.0.0 to 8.17.0, from 9.0.0 to 9.22.0, and from...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the srcugpstartifneeded function in tiny SRCU directly calling schedulework. This could lead to...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the vc4freehangstate function not releasing the BO array properly, resulting in a memory leak...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the cachefilescull function not correctly acquiring the dentry reference count, resulting in the...
Oracle Macaron Tool 输入验证错误漏洞
Oracle Macaron Tool is an application configuration and migration assistance tool developed by Oracle, a company in the United States. Version 0.22.0 of Oracle Macaron Tool contains a vulnerability related to input validation. This vulnerability arises from failed host address verification, which...
Masa CMS 跨站请求伪造漏洞
Masa CMS is a digital experience platform operated by Masa CMS organization. Versions of Masa CMS 7.5.2 and earlier contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the createBundle method in csettings.cfc, which did not properly validate the anti-CSRF token...
OpenTelemetry 资源管理错误漏洞
OpenTelemetry is an open-source, vendor-neutral, open-source observability framework developed by OpenTelemetry. Versions of OpenTelemetry 1.15.2 and earlier contained a resource management vulnerability. This vulnerability stemmed from the Zipkin exporter’s remote endpoint caching unbounded key...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the IMA measurement list buffer exceeding the truncated RAM range during kexec operations,...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from premature fence selection and improper reference management in the amdgpugemvaioctl function. Thi...
PhpSpreadsheet 跨站脚本漏洞
PhpSpreadsheet is a PHP library developed by PHPOffice, designed for reading and writing spreadsheet files. Versions prior to PhpSpreadsheet 5.7.0, 3.10.5, 2.4.5, 2.1.16, and 1.30.4 contained a cross-site scripting vulnerability. This vulnerability stemmed from HTML writers skipping...
OpenClaw 安全漏洞
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from the failure of the OpenShell file system bridge to properly validate symbolic link exchanges when handling file system operations, which can be exploited by an...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.15 contained security vulnerabilities. These vulnerabilities stemmed from the QMD backend’s memoryget function, which allowed arbitrary file reading, potentially enabling caller...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.10 contained security vulnerabilities. These vulnerabilities stemmed from insufficient blacklists for execution environment policy environment variables, which might allow...
Vvveb 安全漏洞
Vvveb is a powerful and easy-to-use CMS developed by Givan’s individual developers. It is used to build websites, blogs, or e-commerce stores. Versions of Vvveb prior to 1.0.8.2 contained security vulnerabilities. These vulnerabilities were caused by an issue with the password reset module, where...
Vvveb 访问控制错误漏洞
Vvveb is a powerful and easy-to-use CMS developed by Givan’s individual developers. It is used to build websites, blogs, or e-commerce stores. Versions of Vvveb prior to 1.0.8.2 contained an access control vulnerability. This vulnerability stemmed from hard-coded credentials in the...
Gazelle 环境问题漏洞
Gazelle is a web framework developed by WhatCD’s developers, designed for private BitTorrent trackers. Versions of Gazelle prior to 0.49 contained an environmental vulnerability, caused by improper handling of HTTP header priorities. This vulnerability could allow attackers to inject malicious HT...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ionicqueryport function not checking the return value of ibdevicegetnetdev, potentially leading to...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mchpipcgetclusteraggrirq function in mchp-ipc-sbi. This function uses a hartid index on a...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw from 2026.2.21 to 2026.4.10 contained security vulnerabilities. These vulnerabilities were due to a sandbox noVNC auxiliary routing mechanism that allowed authentication bypass, potentially...
Masa CMS 跨站请求伪造漏洞
Masa CMS is a digital experience platform operated by Masa CMS organization. Versions of Masa CMS 7.5.2 and earlier contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the cUsers.updateAddress function not properly verifying the anti-CSRF token, allowing attacke...
Rucio SQL注入漏洞
Rucio is an open-source scientific data management tool developed by Rucio team. Rucio has a SQL injection vulnerability, which stems from the SQL injection in the FilterEngine.createsqlaquery method. This vulnerability allows any authenticated Rucio user to execute arbitrary SQL queries against...
PicoTronica e-Clinic Healthcare System ECHS 授权问题漏洞
PicoTronica e-Clinic Healthcare System ECHS is a medical clinic management system developed by the British company PicoTronica. Version 5.7 of the PicoTronica e-Clinic Healthcare System ECHS contains an authorization vulnerability. This vulnerability stems from an unknown function in the API...
HCL BigFix Service Management 信息泄露漏洞
HCL BigFix Service Management is an IT service management and asset management platform developed by the Indian company HCL. HCL BigFix Service Management has a vulnerability related to information leakage. This vulnerability stems from the absence or insecure use of the X-Content-Type-Options...
HCL BigFix RunBookAI 安全漏洞
HCL BigFix RunBookAI is an AI-driven automation platform developed by the American company HCL. HCL BigFix RunBookAI has a security vulnerability, which stems from the continuous presence of insecure input texts. The processing of component inputs poses security risks, increasing the likelihood o...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between the userref functions in iouring/zcrx during the scrub and refill...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to release the state objects allocated through the v4l2subdevstatealloc mechanism in...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by an improper cleaning order of wave5 devices. This vulnerability may allow access to hardware registers...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the doprocmapquery function, potentially leading to a double mmput operation due to an...
Flowise 授权问题漏洞
Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise 3.0.12 and earlier contained an authorization vulnerability. This vulnerability stemmed from issues with the operations of the parameter userId/organizationId/workspaceId/emai...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the media cx23885 code where the unmapped path was omitted, potentially leading to...
Masa CMS 输入验证错误漏洞
Masa CMS is a digital experience platform operated by Masa CMS organization. Masa CMS has a vulnerability related to input validation errors. This vulnerability stems from improper handling of relative URLs, which may allow attackers to redirect victims to sites controlled by external attackers...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the TSV110 processor’s susceptibility to Spectre-BHB attacks, potentially leading to information...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the devicenode reference count is not properly decremented after the ofparsephandle...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an out-of-bound array access in the camss vfe driver’s vfeisrregupdate function, potentially...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the tw9906 driver failing to release the memory of the v4l2 controller during error detection,...