CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.16)
A division-by-zero vulnerability was found in the flow.floor_divide() component of OneFlow v0.9.0. An attacker can cause a Denial of Service (DoS) by providing a crafted input tensor containing zero.
W GLib znaleziono lukę, która polega na przepełnieniu całkowitym w implementacji konwersji wielkości liter Unicode. Przetwarzając specjalnie przygotowane i niezwykle duże ciągi Unicode, atakujący może wywołać niewłaściwą alokację pamięci, co prowadzi do zapisów poza przydzielonym obszarem pamięci.
W bibliotece GLib znaleziono błąd w procedurze kodowania Base64, który występuje podczas przetwarzania bardzo dużych danych wejściowych. Niewłaściwe użycie typów całkowitych podczas obliczania długości może prowadzić do błędnego obliczenia granic bufora, co skutkuje zapisem pamięci poza przydzielonym buforem.
A flaw was found in the GnuTLS library in the gnutls_pkcs11_token_init() function handling PKCS#11 token initialization. Processing a token label longer than expected causes a stack buffer overflow, potentially leading to application crashes or code execution.
A flaw in the mapstructure library for Go causes information disclosure through detailed error messages. The WeakDecode function may leak sensitive input values in error messages when processing malformed data.
A vulnerability in the Linux kernel's IP over GRE (ip_gre) driver allows a system crash via kernel panic due to insufficient buffer space checks before adding the GRE header. This can be triggered by specially crafted network traffic, leading to a skb_under_panic error.
A vulnerability in the Linux kernel's XSAVE/XRSTOR mechanism for KVM virtual machines was found. When XSTATE_BV indicates an enabled feature that is disabled by XFD, attempting to restore that state via XRSTOR causes a #NM fault and kernel panic. This occurs when loading guest state via KVM_SET_XSAVE or updating XFD in response to guest WRMSR.
In the Linux kernel, a vulnerability in the idxd DMA driver causes device reference leaks during compat bind and unbind operations. Failure to release references leads to improper memory management.
A vulnerability in the PHP backend of gemscms.aptsys.com.sg (through May 28, 2025) allows unauthenticated remote attackers to trigger detailed error messages that disclose internal file paths, code snippets, and stack traces. This is achieved by sending specially crafted HTTP GET/POST requests to public API endpoints.
A vulnerability in the PHP backend of gemsloyalty.aptsys.com.sg (up to 2025-05-28) allows unauthenticated remote attackers to trigger detailed error messages that disclose internal file paths, code snippets, and stack traces. This is achieved by sending specially crafted HTTP GET/POST requests to public API endpoints.
LavaLite CMS versions up to and including 10.1.0 contain a stored cross-site scripting vulnerability in the package creation and search functionality. Authenticated users can inject malicious HTML or JavaScript into the Name or Description fields, which is stored and later rendered without proper output encoding in search results. When other users view these results, the script executes in their browsers.
A reference count leak was discovered in the Linux kernel's bpf_prog_test_run_xdp() function. The issue occurs when the error handling path fails to call xdp_convert_buff_to_md(), causing a network interface (e.g., sit0) to remain stuck and preventing its release.
A crash occurs in the ocelot network driver (Microsemi) when adding an interface to a LAG group. The bug is a NULL pointer dereference in ocelot_set_aggr_pgids() for unregistered ports (ocelot_vsc7514.c frontend).
A memory leak in the Linux kernel's skb_segment_list() function used for GRO packet segmentation. The leak stems from outdated truesize accounting after commit ed4cccef64c1 changed fragment orphaning, preventing socket deallocation.
In the Linux kernel, a vulnerability in dm-verity's recursive forward error correction (FEC) was found. Recursive calls can cause denial-of-service due to up to 4 billion iterations and overwrite shared buffers, breaking correction logic.
Podatność CVE-2025-2204 dotyczy niewłaściwej neutralizacji danych wejściowych podczas generowania stron internetowych w oprogramowaniu Tap&Sign firmy Tapandsign Technologies. Umożliwia to ataki typu Cross-Site Scripting (XSS).
A path traversal vulnerability exists in TMS Management Console 6.3.7.27386.20250818 from TMS Global Software. The 'Download Template' function in the profile dashboard does not neutralize directory traversal sequences (../) in the filePath parameter, allowing authenticated users to read arbitrary files, such as the server's Web.config.
Podatność CVE-2025-4763 dotyczy niewłaściwej neutralizacji danych wejściowych podczas generowania stron internetowych w systemie Hotel Guest Hotspot firmy Aida Computer Information Technology Inc. Umożliwia to ataki typu Reflected XSS.
Stored XSS vulnerability in Argo Workflows allows arbitrary JavaScript execution in another user's browser via artifact directory listing. Affects versions prior to 3.6.17 and 3.7.8.
A vulnerability in the Linux kernel causes a system panic when copying sk_buff.cb data to userspace via sock_recv_errqueue. The issue stems from the skbuff_fclone_cache lacking a usercopy whitelist, triggering a BUG() when CONFIG_HARDENED_USERCOPY is enabled. The fix uses a local stack variable as a bounce buffer to bypass the hardened usercopy check.

