195539 matches found
HCL BigFix Service Management 安全漏洞
HCL BigFix Service Management is an IT service management and asset management platform developed by the Indian company HCL. There is a security vulnerability in HCL BigFix Service Management. This vulnerability stems from the failure to remove EXIF metadata from uploaded images, which may lead t...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the findnetwork function in the rtl8723bs driver. This function does not check for the null pointer of...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the s3fwrn5 driver not allocating a receive skb before receiving bytes. This could lead to null...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability arises from the hfsplus file system; if the setupbdevsuper operation fails when transitioning t...
UNISOC Chipsets 安全漏洞
UNISOC Chipsets are chipset solutions developed by UNISOC, a company based in China. There are security vulnerabilities present in UNISOC Chipsets, and these vulnerabilities stem from improper input validation, which may lead to remote denial-of-service attacks...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the AMD IOMMU driver’s use of the waitonsem function within a spinlock, potentially leading to a...
Zabbix 跨站脚本漏洞
Zabbix is a set of open-source monitoring systems developed by Zabbix Inc. This system supports network monitoring, server monitoring, cloud monitoring, and application monitoring. Zabbix has a cross-site scripting vulnerability. This vulnerability arises because non-super administrators who have...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the error handling logic for ARM processors in APEI/GHES, where no checks are performed on memory...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the possibility that beaconint may be zero in the rtw89 driver, potentially leading to a zero division...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to release device references when attempting to obtain the SCISCSI name via dmmpath,...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the last four bytes of the sockaddrin6 structure in the PFKEY export path are not...
WordPress plugin LatePoint 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Incus 代码问题漏洞
Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 7.0.0 contained code vulnerabilities. These vulnerabilities stemmed from a lack of validation logic in the bucket import process. This allowed authenticated users to use malicious or incorrectly...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient TLB invalidation during memory compression in the Alpha architecture. This...
PicoTronica e-Clinic Healthcare System ECHS 安全漏洞
PicoTronica e-Clinic Healthcare System ECHS is a medical clinic management system developed by the British company PicoTronica. Version 5.7 of the PicoTronica e-Clinic Healthcare System ECHS contains a security vulnerability. This vulnerability stems from an issue with the parameter ADMINKEY in t...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ntfs3 file system’s failure to handle the attrsetsize function error when truncating files,...
MongoDB C Driver 安全漏洞
The MongoDB C Driver is an open-source library developed by MongoDB, designed to connect to and manipulate MongoDB databases in C-language programs. There is a security vulnerability in the MongoDB C Driver, which stems from the insecure string copying performed during username normalization by t...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of freed memory during the resize operation in the md/bitmap functions. This could...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the absence of a playback/capture component in the ASoC SOF Intel hda. This could lead to null pointer...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from issues with header offset overflow and protocol header misalignment during the extraction of data...
HCL BigFix Service Management 跨站请求伪造漏洞
HCL BigFix Service Management is an IT service management and asset management platform developed by the Indian company HCL. HCL BigFix Service Management has a cross-site request forgery vulnerability. This vulnerability stems from cross-site request forgery attacks, which may lead to unauthoriz...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition in the MHI autoqueue function within the qtrr module on the IPCR DL channel. Thi...
Keylime 安全漏洞
Keylime is an open-source scalable trust system developed using TPM technology. Keylime has a security vulnerability, which stems from the verifier using hardcoded challenge random numbers for TPM reference proofs instead of encrypted random values. This allows attackers to accumulate valid TPM...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an overflow in the nlink function of the jfs file system’s jfsrename function. This vulnerability may...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the madvise IOCTL in the drm xe driver not verifying the patindex boundary. This could lead to...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.10 contained security vulnerabilities. These vulnerabilities were caused by improper binding of the sandbox browser CDP relay network, which may allow attackers to access the...
Cisco Prime Infrastructure 安全漏洞
Cisco Prime Infrastructure is an application software developed by Cisco, Inc. in the United States. It is used to simplify the management of wireless and wired networks. There is a security vulnerability in Cisco Prime Infrastructure, which stems from insufficient authorization checks in the...
Apache::Session::Generate::ModUniqueId 安全漏洞
Apache::Session::Generate::ModUniqueId is a session ID generation module developed by RRWO’s individual developers. There are security vulnerabilities in the version 1.54 to 1.94 of Apache::Session::Generate::ModUniqueId. These vulnerabilities stem from the use of the UNIQUEID environment variabl...
Oracle Macaron Tool 输入验证错误漏洞
Oracle Macaron Tool is an application configuration and migration assistance tool developed by Oracle, a company in the United States. Version 0.22.0 of Oracle Macaron Tool contains a vulnerability related to input validation. This vulnerability arises from failed host address verification, which...
WatchGuard Agent 安全漏洞
WatchGuard Agent is a terminal security protection and device management agent provided by the American company WatchGuard. There is a security vulnerability in WatchGuard Agent, which stems from improper resource permission allocation in the patch management component. This vulnerability may all...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mptcp kernel path manager not always setting IDs as available when deleting endpoints, potentially...
Masa CMS 输入验证错误漏洞
Masa CMS is a digital experience platform operated by Masa CMS organization. Masa CMS has a vulnerability related to input validation errors. This vulnerability stems from improper handling of relative URLs, which may allow attackers to redirect victims to sites controlled by external attackers...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the SMU to handle null pointers when DRM and PM are disabled. This could lead to a null...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the IPMB event handler not being initialized. This issue may cause i2c to read uninitialized valu...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between the userref functions in iouring/zcrx during the scrub and refill...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, where the listening address is bound to 0.0.0.0, allowing malicious parties on the same network to...
PhpSpreadsheet 跨站脚本漏洞
PhpSpreadsheet is a PHP library developed by PHPOffice, designed for reading and writing spreadsheet files. Versions prior to PhpSpreadsheet 5.7.0, 3.10.5, 2.4.5, 2.1.16, and 1.30.4 contained a cross-site scripting vulnerability. This vulnerability stemmed from HTML writers skipping...
Paramiko 加密问题漏洞
Paramiko is an open-source implementation of the SSHv2 protocol, written entirely in Python. It provides both client and server functionality. Versions of Paramiko prior to 4.0.0 have vulnerabilities related to encryption, which stem from the use of the SHA-1 algorithm in the rsakey.py module...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an out-of-bound array access in the camss vfe driver’s vfeisrregupdate function, potentially...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fsl-imx8mq-usb phy driver not setting the platform driver data correctly. This may result in...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that xfrmpolicyfini does not wait for the RCU reader to complete before releasing the...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of handling of msc-input in the HID MagicMouse, potentially leading to crashes...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of validation for the len parameter in dlm functions, potentially leading to out-of-boun...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the direct reading of the option length without verifying the remaining length in the netfilter...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the brcmffwehhandleifevent function not verifying the bsscfg index range, potentially leading to...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the handling of resources by the mtk-mdp driver’s probe function. This error occurs...
Gotenberg 参数注入漏洞
Gotenberg is an open-source, developer-friendly API developed by Gotenberg. It is used to convert various document formats into PDF files. Versions of Gotenberg 8.30.1 and earlier contained a parameter injection vulnerability. This vulnerability stemmed from the fact that the metadata writing...
Masa CMS 跨站请求伪造漏洞
Masa CMS is a digital experience platform organized by Masa CMS. Versions of Masa CMS 7.5.2 and earlier contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the cTrash.empty function not verifying the anti-CSRF token, which could allow attackers to induce...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of checking of the return value of ipv6devgetsaddr in xfrm6, potentially leading to the...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the uninitialized payload of NLMSGDONE in the nfnetlinklog, leading to a leak of kernel heap data...