29 matches found
CVE-2026-21643
creationtimestamp | type | source
---|---|---
2026-02-06 10:00:10+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3me6nhfw7lq23
2026-02-06 15:33:53+00:00 | seen | https://infosec.exchange/users/decio/statuses/116024412137620292
2026-02-09 09:16:18+00:00 | seen | ...
CVE-2020-21643
Cross Site Scripting XSS vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop...
Linux Distros Unpatched Vulnerability : CVE-2025-21643
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfs: Fix kernel async DIO Netfslib needs to be able to handle kernel-initiated asynchronou...
BELL-CVE-2025-21643
Bulletin has no description...
CVE-2025-21643
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix kernel async DIO Netfslib needs to be able to handle kernel-initiated asynchronous DIO that is supplied with a bio_vec[] array. Currently, because of the async flag, this gets passed to netfs_extract_user_iter() which throws a...
CVE-2025-21643 netfs: Fix kernel async DIO
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix kernel async DIO Netfslib needs to be able to handle kernel-initiated asynchronous DIO that is supplied with a bio_vec[] array. Currently, because of the async flag, this gets passed to netfs_extract_user_iter() which throws a...
CVE-2025-21643
The CVE-2025-21643 entry concerns the Linux kernel netfs path. Affected: kernel components handling asynchronous DIO via bio_vec[] passed to netfs_extract_user_iter(); trigger occurs when CIFS is combined with a loopback blockdev. Root cause: netfs_unbuffered_write_iter_locked() performed a check...
CVE-2025-21643
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix kernel async DIO Netfslib needs to be able to handle kernel-initiated asynchronous DIO that is supplied with a bio_vec[] array. Currently, because of the async flag, this gets passed to netfs_extract_user_iter() which throws a...
CVE-2025-21643 netfs: Fix kernel async DIO
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix kernel async DIO Netfslib needs to be able to handle kernel-initiated asynchronous DIO that is supplied with a bio_vec[] array. Currently, because of the async flag, this gets passed to netfs_extract_user_iter() which throws a...
CVE-2024-21643
creationtimestamp | type | source
---|---|---
2024-01-10 06:26:55+00:00 | seen | https://t.me/ctinow/165559
2024-01-27 04:41:24+00:00 | seen | https://t.me/ctinow/174621...
CVE-2024-21643
The CVE-2024-21643 issue affects IdentityModel Extensions for .NET (Microsoft.IdentityModel.Protocols.SignedHttpRequest) where the SignedHttpRequest protocol/validator trusts the jku claim by default, enabling remote/local HTTP GET requests. Multiple sources confirm this vulnerability and identif...
CVE-2024-21643 Microsoft.IdentityModel.Protocols.SignedHttpRequest remote code execution vulnerability
IdentityModel Extensions for .NET provide assemblies for web developers that wish to use federated identity providers for establishing the caller's identity. Anyone leveraging the SignedHttpRequest protocol or the SignedHttpRequestValidator is vulnerable. Microsoft.IdentityModel trusts the jku claim...
CVE-2023-21643
CVE-2023-21643 involves memory corruption due to an untrusted pointer dereference in automotive systems during a system call. The core vulnerability is a pointer dereference leading to memory corruption in an automotive context, with both NVD’s local access impact (CVSSv3.1: base 7.8, HIGH/LOCAL)...
CVE-2023-21643 Untrusted Pointer Dereference in Automotive
Memory corruption due to untrusted pointer dereference in automotive during system call...
CVE-2020-21643
creationtimestamp | type | source
---|---|---
2023-04-29 00:27:32+00:00 | seen | https://t.me/cibsecurity/63092...
CVE-2020-21643
Cross Site Scripting XSS vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop...
CVE-2020-21643
Cross Site Scripting XSS vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop...
CVE-2020-21643
HongCMS 3.0 is affected by a Cross Site Scripting (XSS) vulnerability that allows an attacker to run arbitrary code via the callback parameter to /ajax/myshop. Affected component: HongCMS 3.0; root cause: unsanitized callback parameter in the /ajax/myshop endpoint. Impact per sources: XSS with po...
CVE-2020-21643
Cross Site Scripting XSS vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop...
RHEL 7 / 8 : OpenShift Container Platform 4.7.13 (RHSA-2021:2122)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2122 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...