Latest CVE Feed
Vulnerabilities published in the last 30 days.
Nhost is an open source Firebase alternative with GraphQL. Prior to 0.48.0, the auth service's OAuth provider callback flow places the refresh token directly into the redirect URL as a query paramete…
Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains a reflected cross-site script…
fast-jwt provides fast JSON Web Token (JWT) implementation. In 6.1.0 and earlier, the publicKeyPemMatcher regex in fast-jwt/src/crypto.js uses a ^ anchor that is defeated by any leading whitespace in…
KubeAI is an AI inference operator for Kubernetes. Prior to 0.23.2, the ollamaStartupProbeScript() function in internal/modelcontroller/engine_ollama.go constructs a shell command string using fmt.Sp…
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From 33.0.0-alpha.1 to before 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, apps that use offscre…
vLLM is an inference and serving engine for large language models (LLMs). From 0.1.0 to before 0.19.0, a Denial of Service vulnerability exists in the vLLM OpenAI-compatible API server. Due to the la…
vLLM is an inference and serving engine for large language models (LLMs). From 0.7.0 to before 0.19.0, the VideoMediaIO.load_base64() method at vllm/multimodal/media/video.py splits video/jpeg data U…
vLLM is an inference and serving engine for large language models (LLMs). From 0.16.0 to before 0.19.0, a server-side request forgery (SSRF) vulnerability in download_bytes_from_url allows any actor …
Memory Corruption when handling power management requests with improperly sized input/output buffers.
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.
Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory.
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation.
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations.
Memory Corruption when retrieving output buffer with insufficient size validation.
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.
Cryptographic issue while copying data to a destination buffer without validating its size.