31 matches found
CVE-2026-21648
| creationtimestamp | type | source |
|---|---|---|
| 2026-01-03 06:55:25+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mbitbqzcrk2q... |
Siemens SIMATIC Devices Memory Allocation with Excessive Size Value (CVE-2025-21648)
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX. Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing hashtable because __GFP_NOWARN is...
SUSE-SU-2025:02000-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed:
- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
...
SUSE-SU-2025:01964-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed:
- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect...
CVE-2020-21648
WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php...
EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-1421)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities:
- filemap: avoid truncating 64-bit offset to 32 bits (CVE-2025-21665)
- iomap: avoid avoid truncating 64-bit offset to 32 bits (CVE-2025-21667)
- fs/proc: fix...
Linux Distros Unpatched Vulnerability : CVE-2025-21648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: conntrack: clamp maximum hashtable size to INT_MAX. Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE...
CVE-2022-21648
Latte is an open source template engine for PHP. Versions since 2.8.0 Latte has included a template sandbox and in affected versions it has been found that a sandbox escape exists allowing for injection into web pages generated from Latte. This may lead to XSS attacks. The issue is fixed in the...
CVE-2024-21648
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The rollback action is missing a right protection, a user can rollback to a previous version of the page to gain rights they don't have anymore. The problem has been patched in XWiki 14.10.17,...
BELL-CVE-2025-21648
Bulletin has no description...
CVE-2025-21648 netfilter: conntrack: clamp maximum hashtable size to INT_MAX
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX. Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing hashtable because __GFP_NOWARN is...
CVE-2025-21648
CVE-2025-21648 affects the Linux kernel netfilter conntrack code. The vulnerability arises from the hashtable resize path where the maximum size could exceed practical limits, risking a WARN_ON_ONCE in __kvmalloc_node_noprof() when __GFP_NOWARN is unset. The fix clamps the conntrack hashtable siz...
CVE-2025-21648
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX. Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing hashtable because __GFP_NOWARN is...
CVE-2024-21648
| creationtimestamp | type | source |
|---|---|---|
| 2024-01-09 01:26:31+00:00 | seen | https://t.me/ctinow/164736 |
| 2024-01-25 19:16:49+00:00 | seen | https://t.me/ctinow/173718... |
CVE-2024-21648 XWiki has no right protection on rollback action
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The rollback action is missing a right protection, a user can rollback to a previous version of the page to gain rights they don't have anymore. The problem has been patched in XWiki 14.10.17,...
CVE-2024-21648
CVE-2024-21648 affects XWiki Platform. The issue is a missing privilege check on the rollback action, allowing a user to rollback a page to gain rights they no longer have. The root cause is insufficient rights verification during rollback. Remediation is available in patched releases: XWiki 14.1...
CVE-2023-21648
Memory corruption in RIL while trying to send apdu packet...
CVE-2023-21648
CVE-2023-21648 is a memory corruption issue in the RIL when attempting to send APDU packets, observed across Qualcomm chipsets. The CVE description references memory corruption, with the CVE record also noting an Integer Overflow to Buffer Overflow in RIL. Public sources (NVD/Red Hat/CVE list) co...
CVE-2022-21648
| creationtimestamp | type | source |
|---|---|---|
| 2022-01-04 22:38:29+00:00 | seen | https://t.me/cibsecurity/34955... |
CVE-2022-21648
Latte is an open source template engine for PHP. Versions since 2.8.0 Latte has included a template sandbox and in affected versions it has been found that a sandbox escape exists allowing for injection into web pages generated from Latte. This may lead to XSS attacks. The issue is fixed in the...