58 matches found
Astra Linux - vulnerability in linux-5.10, linux
Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...
BELL-CVE-2026-23042
Bulletin has no description...
CVE-2026-23042
In the Linux kernel, the following vulnerability has been resolved: idpf: fix aux device unplugging when rdma is not supported by vport. If vport flags do not contain VIRTCHNL2_VPORT_ENABLE_RDMA, driver does not allocate vdev_info for this vport. This leads to kernel NULL pointer dereference in...
Linux Distros Unpatched Vulnerability : CVE-2026-23042
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - idpf: fix aux device unplugging when rdma is not supported by vport. If vport flags do not contain VIRTCHNL2_VPORT_ENABLE_RDMA, driver does not allocate vdev_info fo...
EUVD-2022-28152
Malicious code in bioql PyPI...
CVE-2021-23042
On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, and 12.1.x before 12.1.6, when an HTTP profile is configured on a virtual server, undisclosed requests can cause a significant increase in system resource utilization. Note: Software versio...
CVE-2020-23042
Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability in the path parameter of the list and download module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted GET request...
academic-chatgpt (>=0.3.0 <=0.4.1), ace-step (=0.1.0) +511 more potentially affected by CVE-2025-23042 via gradio (>=1.7.7 <=5.5.0)
gradio PYPI version =1.7.7, =0.3.0, =0.2.1, =2.0.0, =0.1.5, =0.0.6, =0.0.2, =0.3.2, =0.1.0, =0.8.11, =0.4.0, =0.0.4, =0.0.7 and more Source cves: CVE-2025-23042 Source advisory: OSV:PYSEC-2025-118...
CVE-2025-23042
Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. Gradio's Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or directory path. This...
CVE-2025-23042 Gradio Blocked Path ACL Bypass Vulnerability
Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. Gradio's Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or directory path. This...
CVE-2025-23042
Gradio Blocked Path ACL bypass vulnerability (CVE-2025-23042) arises from missing case normalization in file-path validation. On case-insensitive file systems (e.g., Windows/macOS), an attacker can circumvent ACLs by altering the letter case of a blocked path, potentially accessing restricted fil...
academic-chatgpt (>=0.3.0 <=0.4.1), africanwhisper (>=0.2.1 <=0.9.0) +321 more potentially affected by CVE-2025-23042 via gradio (>=1.7.7 <=5.10.0)
gradio PYPI version =1.7.7, =0.3.0, =0.2.1, =0.1.5, =0.0.6, =0.0.2, =0.1.0, =0.8.11, =0.4.0, =0.0.4, =0.1.1, =0.7.0.dev134, =0.7.0.dev143 - anymodality =0.1.0 and more Source cves: CVE-2025-23042 Source advisory: OSV:GHSA-J2JG-FQ62-7C3H...
ambientagi (>=0.1.1 <=0.2.12), deepchopper (>=1.0.1 <=1.3.1) +3 more potentially affected by CVE-2025-23042 via gradio (>=5.0.0 <=5.10.0)
gradio PYPI version =5.0.0, =0.1.1, =1.0.1, =1.1.8b3, =0.3.0, =0.6.3 - vuln-demo-math-ops =1.0.0 Source cves: CVE-2025-23042 Source advisory: SNYK:PYTHON-GRADIO-8623546...
CVE-2025-23042
creationtimestamp| type| source
---|---|---
2025-01-14 15:32:01+00:00| published-proof-of-concept| https://github.com/gradio-app/gradio/security/advisories/GHSA-j2jg-fq62-7c3h
2025-01-14 19:11:01+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1584
2025-01-14...
CVE-2022-48900
Removed by vendor...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1933)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2023-1933)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1388)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP9 : kernel (EulerOS-SA-2022-1999)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a loca...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9479)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9479 advisory. - perf: Fix sys_perf_event_open race against self Peter Zijlstra Orabug: 34211086 CVE-2022-1729 - debug: Lock down kgdb Stephen Brennan Orabug: 342110...