| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In JetBrains TeamCity before 2026.1 credentials parameters were exposed via parameter autocompletion |
| Zechat 1.5 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through the uname parameter. Attackers can send crafted requests to profile.php with UNION-based SQL injection payloads to retrieve table names, column names, and sensitive data from the information_schema database. |
| In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible |
| In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible |
| In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible |
| In JetBrains YouTrack before 2026.1.13570 improper access control allowed enumeration of restricted issues and articles on Planning Canvas |
| In JetBrains IntelliJ IDEA before 2026.1 code execution was possible via template injection in the Copyright plugin |
| In JetBrains TeamCity before 2026.1 remote code execution was possible via Perforce connection settings |
| In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on fetchApp requests |
| In JetBrains YouTrack before 2026.1.13162 stored XSS in project notification templates was possible |
| In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion |
| In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible |
| In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters |
| In JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user account |
| In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on Users and Groups pages |
| In JetBrains TeamCity before 2026.1,
2025.11.5 unauthenticated SSRF via build status was possible |
| In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin |
| In JetBrains YouTrack before 2026.1.13570 improper access control allowed low-privileged users to modify service accounts |
| vim is vulnerable to Heap-based Buffer Overflow |
| In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to do sanity check on node footer in {read,write}_end_io
-----------[ cut here ]------------
kernel BUG at fs/f2fs/data.c:358!
Call Trace:
<IRQ>
blk_update_request+0x5eb/0xe70 block/blk-mq.c:987
blk_mq_end_request+0x3e/0x70 block/blk-mq.c:1149
blk_complete_reqs block/blk-mq.c:1224 [inline]
blk_done_softirq+0x107/0x160 block/blk-mq.c:1229
handle_softirqs+0x283/0x870 kernel/softirq.c:579
__do_softirq kernel/softirq.c:613 [inline]
invoke_softirq kernel/softirq.c:453 [inline]
__irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:680
irq_exit_rcu+0x9/0x30 kernel/softirq.c:696
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]
sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1050
</IRQ>
In f2fs_write_end_io(), it detects there is inconsistency in between
node page index (nid) and footer.nid of node page.
If footer of node page is corrupted in fuzzed image, then we load corrupted
node page w/ async method, e.g. f2fs_ra_node_pages() or f2fs_ra_node_page(),
in where we won't do sanity check on node footer, once node page becomes
dirty, we will encounter this bug after node page writeback. |
