ROOT-OS-UBUNTU-2204-CVE-2026-23356 CVE-2026-23356 in rootio-linux - Patched by Root

Root has patched CVE-2026-23356 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

ROOT-OS-DEBIAN-13-CVE-2026-23356 CVE-2026-23356 in rootio-linux - Patched by Root

Root has patched CVE-2026-23356 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2026-23356 CVE-2026-23356 in rootio-linux - Patched by Root

Root has patched CVE-2026-23356 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2026-23356 CVE-2026-23356 in rootio-linux - Patched by Root

Root has patched CVE-2026-23356 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

CVE-2026-23356

creationtimestamp| type| source ---|---|--- 2026-03-29 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0376/ 2026-05-05 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities20260506...

DEBIAN-CVE-2026-23356

In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...

sai-isaac (>=0.0.5 <=0.0.7) potentially affected by CVE-2025-23356 via isaaclab (=2.0.2)

isaaclab PYPI version =2.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on isaaclab and may be impacted: - sai-isaac =0.0.5, =0.0.7 Source cves: CVE-2025-23356 Source advisory: SNYK:PYTHON-ISAACLAB-13553157...

CVE-2025-23356

creationtimestamp| type| source ---|---|--- 2025-10-14 18:17:27+00:00| seen| Telegram/j37ZFvbz0aztWsczDW487amZn9gl5z3yz43jGA0aCJZahpU...

CVE-2020-23356

dmin/kernel/api/login.class.phpin in nibbleblog v3.7.1c allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters...

CVE-2023-23356

A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the following versions:...

CVE-2023-23356

creationtimestamp| type| source ---|---|--- 2024-12-19 02:13:04+00:00| seen| https://infosec.exchange/users/cve/statuses/113677066800818635 2024-12-19 03:55:53+00:00| seen| https://t.me/cvedetector/13306...

CVE-2023-23356 QuFirewall

A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the following versions:...

CVE-2024-23356 Improper Restriction of Operations within the Bounds of a Memory Buffer in HLOS

Memory corruption during session sign renewal request calls in HLOS...

CVE-2024-23356 Improper Restriction of Operations within the Bounds of a Memory Buffer in HLOS

Memory corruption during session sign renewal request calls in HLOS...

CVE-2024-23356

CVE-2024-23356 is described as memory corruption during session sign renewal calls in HLOS, with a root cause of improper restriction of operations within a memory buffer. Public entries (NVD, CVE records, Red Hat) assign a CVSSv3.1 base score of 7.8 (HIGH), with LOCAL attack vector, LOW attack c...

@duetds/angular (>=5.0.2 <=5.0.3), @duetds/components (>=5.0.2 <=5.0.3) +2 more potentially affected by CVE-2021-23356 via kill-process-by-name (=1.0.5)

kill-process-by-name NPM version =1.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on kill-process-by-name and may be impacted: - @duetds/angular =5.0.2, =5.0.2, =1.7.20, =5.0.2, =5.0.3 Source cves: CVE-2021-23356 Source advisory:...

CVE-2021-23356

creationtimestamp| type| source ---|---|--- 2021-03-15 19:29:08+00:00| seen| https://t.me/cibsecurity/24906...

CVE-2021-23356

This affects all versions of package kill-process-by-name. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization in the index.js file...

CVE-2021-23356

CVE-2021-23356 affects all versions of the Node.js package kill-process-by-name. The root cause is use of child_process.exec without input sanitization in index.js, allowing attacker-controlled input to execute arbitrary commands. In practice, this enables arbitrary command execution with network...

CVE-2021-23356 Arbitrary Command Injection

This affects all versions of package kill-process-by-name. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization in the index.js file...