195539 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ipv6 module’s failure to check iter-nh when using RTANHID in the fib6addrt2node function. As ...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the gpio cdev module’s behavior during the linehandlecreate function. After retaining andnullptr,...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the timer-sp804 clock source driver sharing the same clkevt instance when it is not registered as...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the optimization of NFS LOCALIO—the allocation of page cache does not utilize the GFPNOFS context...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the pstore ram module not properly updating the oldlogsize when it calls the persistentramsaveold...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect recovery of the gp value when the LLVM compiler in the MIPS architecture is used as a glob...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ath12k wireless driver failing to clear outdated mappings in ahvif-linksmap when connecting...
Acronis DeviceLock DLP 安全漏洞
Acronis DeviceLock DLP is a terminal security system developed by the Swiss company Acronis. It is designed to control access to peripherals and prevent data breaches. Versions of Acronis DeviceLock DLP prior to 9.0.15051.93227 contained security vulnerabilities. These vulnerabilities stemmed fro...
MaxSite CMS 安全漏洞
MaxSite CMS is an open-source website content management system developed by MaxSite in Russia. Version 109.2 of MaxSite CMS has a security vulnerability. This vulnerability stems from a cross-site scripting vulnerability in the backend page file upload endpoint, which could allow remote attacker...
Securly Chrome Extension 安全漏洞
Securly Chrome Extension is a web filtering and student online security management browser extension developed by the American company Securly. Version 3.0.7 of Securly Chrome Extension contains a security vulnerability. This vulnerability arises from the lack of complexity validation during the...
Securly Chrome Extension 安全漏洞
Securly Chrome Extension is a web filtering and student online security management browser extension developed by the American company Securly. Version 3.0.7 of Securly Chrome Extension contains a security vulnerability. This vulnerability stems from multiple exposed endpoints allowing unauthoriz...
Securly Chrome Extension 安全漏洞
Securly Chrome Extension is a web filtering and student online security management browser extension developed by the American company Securly, targeting educational scenarios. Version 3.0.7 of Securly Chrome Extension contains a security vulnerability. This vulnerability stems from the use of...
OP-TEE Trusted OS 安全漏洞
OP-TEE Trusted OS is an open-source implementation of Arm TrustZone technology, providing an open-source Trusted Execution Environment TEE. Versions of OP-TEE Trusted OS prior to 4.11.0 contained security vulnerabilities. These vulnerabilities stemmed from the lack of verification that the public...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ath12k driver’s ability to enable WoW unloading for both the primary and auxiliary links duri...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the engid field in the drm/amd/display module. This field may have negative values or values...
Linux kernel 安全漏洞
The Linux kernel is the core used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ASoC fslxcvr module attempting to acquire the controlsrwsem write lock, which is already...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the regulator core module not correctly holding the regulatorlistmutex lock in the wrong path of...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the btrfs file system’s use of listaddtail to update the dirtylist for blockgrouptree when settin...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the octeontx2-af driver failing to clear the RVUM block revision during kexec reboot. This causes...
sglang 安全漏洞
SGLang is a programming language and runtime system developed by SGL-project, aimed at accelerating large model inference. Versions of SGLang prior to 0.5.11 contain security vulnerabilities, specifically related to the datahash function in the Cache Handler component, which may lead to...
Acronis DeviceLock DLP 代码问题漏洞
Acronis DeviceLock DLP is a terminal security protection system developed by the Swiss company Acronis. It is designed to control access to peripherals and prevent data breaches. Versions of Acronis DeviceLock DLP prior to 9.0.15051.93227 contained code vulnerabilities, specifically DLL hijacking...
concretecms 安全漏洞
ConcreteCMS is an open-source content management system developed by Concrete. Versions of ConcreteCMS prior to 9.5.2 contained security vulnerabilities. These vulnerabilities stemmed from the unserialize method calls in Workflow, Form blocks, and File/Set components, which lacked a allowedclasse...
OP-TEE Trusted OS 安全漏洞
OP-TEE Trusted OS is an implementation of the OP-TEE open-source project, which creates an open-source Trusted Execution Environment TEE that utilizes Arm TrustZone technology. There were security vulnerabilities in versions 4.3.0 to 4.11.0 of OP-TEE Trusted OS. These vulnerabilities stemmed from...
ERPNext 安全漏洞
ERPNext is a set of open-source enterprise resource planning solutions developed by the Indian company ERPNext. Version 16.16.0 of ERPNext contains a security vulnerability. This vulnerability allows authenticated users to persist arbitrary HTML/JavaScript in customer records’ email or mobile...
ERPNext 跨站脚本漏洞
ERPNext is a set of open-source enterprise resource planning solutions developed by the Indian company ERPNext. Version 16.16.0 of ERPNext contains a cross-site scripting vulnerability. This vulnerability arises from users with project record editing privileges being able to persist arbitrary...
Koha 安全漏洞
Koha is a library automation management system developed by the Koha organization. Versions of Koha prior to 25.11 contained security vulnerabilities, which originated from the Z39.50 configuration module. These vulnerabilities could allow remote attackers to execute arbitrary code...
Koha 安全漏洞
Koha is a library automation management system developed by the Koha organization. Versions of Koha prior to 25.11 contained a security vulnerability, which stemmed from the file upload feature in the invoice function. This vulnerability could allow remote attackers to execute arbitrary code...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the NFC HCI SHDLC timer not stopping before releasing context, potentially allowing reuse...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the AppArmor module’s dfa tables not being aligned by 8 bytes. This vulnerability may lead to...
Student-Management-System 授权问题漏洞
Student-Management-System is an open-source student information management system developed by Cyber-III. There is a vulnerability related to authorization in Student-Management-System, which stems from unknown functions of the Administrative Backend component in the admin/config.php file. This...
NetApp Active IQ Config Advisor 安全漏洞
NetApp Active IQ Config Advisor is a diagnostic tool developed by the American company NetApp, used for verifying storage environment configurations, conducting health checks, and assessing best practices. Version 6.7.3 of NetApp Active IQ Config Advisor contains a security vulnerability. This...
Acronis DeviceLock DLP 代码问题漏洞
Acronis DeviceLock DLP is a terminal security system developed by the Swiss company Acronis. It is designed to control access to peripherals and prevent data breaches. Versions of Acronis DeviceLock DLP prior to 9.0.15051.93227 contained code vulnerabilities related to DLL hijacking, which could...
Acronis DeviceLock DLP 代码问题漏洞
Acronis DeviceLock DLP is a terminal security protection system developed by the Swiss company Acronis. It is designed to control access to peripherals and prevent data breaches. Versions of Acronis DeviceLock DLP prior to 9.0.15051.93227 contained code vulnerabilities, specifically an EXE...
FOSSBilling 输入验证错误漏洞
FOSSBilling is an open-source billing and customer management platform for hosting service providers and digital service providers. Versions of FOSSBilling prior to 0.8.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from the redirection module not...
libxls 安全漏洞
libxls is an open-source C library for reading old binary OLE format Excel files. Version 1.6.3 of libxls contains a security vulnerability. This vulnerability stems from the use of uninitialized memory during the parsing of malformed XLS files, which may lead to undefined behavior, parsing error...
MLRun 安全漏洞
MLRun is an AI orchestration platform developed by MLRun OpenSource. Versions of MLRun 1.12.0-rc3 and earlier contain security vulnerabilities. These vulnerabilities stem from a function in the DataFrame Hash Handler component located in the file mlrun/utils/helpers.py, specifically the...
Securly Chrome Extension 安全漏洞
Securly Chrome Extension is a web filtering and student online security management browser extension developed by the American company Securly, designed for educational scenarios. Version 3.0.7 of Securly Chrome Extension contains a security vulnerability. This vulnerability stems from the use of...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from race conditions in the tmc-etr driver between the sysfs and perf modes, potentially leading to...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the k230 pinctrl driver’s parsing of the device tree. This parsing process involves accessing...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the IRQ request in the rt9455 power supply driver. This request occurs before the...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the IPPROTORAW raw sockets do not discard malicious ICMP packets, potentially leading to...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the SPI WPCM-FIU driver. In the wpcmfiuprobe function, platformgetresourcebyname may return NULL,...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fsl-edma driver disabling clocks that were previously automatically managed by devmclkget. Th...
Mercusys AC12G 安全漏洞
The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has a security vulnerability. This vulnerability stems from the transmission of DDNS credentials via plaintext HTTP, which may allow for man-in-the-middle attacks...
Mercusys AC12G 安全漏洞
The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has a security vulnerability. This vulnerability stems from the use of static authentication random numbers, which may allow attackers to recover the plaintext...
Mercusys AC12G 安全漏洞
The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has a security vulnerability. This vulnerability stems from UPnP AddPortMapping accepting internal IP addresses, which may allow unauthenticated LAN attackers to...
Mercusys AC12G 授权问题漏洞
The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has a security vulnerability. This vulnerability stems from the lack of rate limiting on the TDDP password change endpoint, which may allow neighboring network...
Mercusys AC12G 安全漏洞
The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has a security vulnerability. This vulnerability stems from the use of hardcoded DES keys for encrypting configuration backups, which may allow attackers to decry...
Mercusys AC12G 安全漏洞
The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has a security vulnerability. This vulnerability stems from an HTTP denial-of-service attack, which may cause continuous crashes due to a small number of speciall...
Mercusys AC12G 安全漏洞
The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has security vulnerabilities. These vulnerabilities stem from unvalidated UPnP IGD operations, which may allow unauthenticated LAN devices to create arbitrary por...