ROOT-OS-UBUNTU-2404-CVE-2026-31673 CVE-2026-31673 in rootio-linux - Patched by Root

Root has patched CVE-2026-31673 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

CVE-2026-31673 vulnerabilities

Vulnerabilities for packages: linux-qemu, linux-gcp, linux-vmware, linux-aws, linux-azure...

CVE-2026-31673

In the Linux kernel, the following vulnerability has been resolved: afunix: read UNIXDIAGVFS data under unixstatelock Exact UNIX diag lookups hold a reference to the socket, but not to u-path. Meanwhile, unixreleasesock clears u-path under unixstatelock and drops the path reference after unlockin...

Linux Distros Unpatched Vulnerability : CVE-2026-31673

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - afunix: read UNIXDIAGVFS data under unixstatelock Exact UNIX diag lookups hold a reference to the socket, but not to u-path. Meanwhile, unixreleasesock clears...

EUVD-2025-31673

Malicious code in bioql PyPI...

CVE-2025-31673

Incorrect Authorization vulnerability in Drupal Drupal core allows Forceful Browsing.This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0.0 before 11.0.12, from 11.1.0 before 11.1.3...

CVE-2025-31673

Incorrect Authorization vulnerability in Drupal Drupal core allows Forceful Browsing.This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0.0 before 11.0.12, from 11.1.0 before 11.1.3...

CVE-2025-31673 Drupal core - Moderately critical - Access bypass - SA-CORE-2025-002

Incorrect Authorization vulnerability in Drupal Drupal core allows Forceful Browsing.This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0.0 before 11.0.12, from 11.1.0 before 11.1.3...

CVE-2025-31673 Drupal core - Moderately critical - Access bypass - SA-CORE-2025-002

Incorrect Authorization vulnerability in Drupal Drupal core allows Forceful Browsing.This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0.0 before 11.0.12, from 11.1.0 before 11.1.3...

CVE-2025-31673

CVE-2025-31673 is an incorrect Authorization vulnerability in Drupal core that enables Forceful Browsing. Affected versions include Drupal core 8.0.0 to before 10.3.13, 10.4.0 to before 10.4.3, 11.0.0 to before 11.0.12, and 11.1.0 to before 11.1.3. The issue arises from improper access checks, cr...

CVE-2024-31673

Kliqqi-CMS 2.0.2 is vulnerable to SQL Injection in loaddata.php via the userid parameter...

CVE-2024-31673

Kliqqi-CMS 2.0.2 is vulnerable to SQL Injection in loaddata.php via the userid parameter...

VMware vRealize Operations 8.x < 8.6.4 Multiple Vulnerabilities (VMSA-2022-0022)

The version of VMware vRealize Operations vROps running on the remote host is 8.x prior to 8.6.4. It is, therefore, affected by a multiple vulnerabilities: - A malicious actor with administrative network access can escalate privileges to root. CVE-2022-31672 - A low-privileged malicious actor wit...

CVE-2022-31673

VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. Successful exploitation can lead to a remote code execution...

CVE-2022-31673

CVE-2022-31673 affects VMware vRealize Operations (versions affected per VMSA-2022-0022). Description: a low-privileged, network-access attacker can create and leak hex dumps, causing information disclosure; successful exploitation can lead to remote code execution. Connected documents corroborat...

Cyclos 4.14.7 - (groupId) DOM Based Cross-Site Scripting Vulnerability

Exploit Title: Cyclos 4.14.7 - 'groupId' DOM Based Cross-Site Scripting XSS Exploit Author: Tin Pham aka TF1T of VietSunshine Cyber Security Services Vendor Homepage: https://www.cyclos.org/ Version: Cyclos 4.14.7 and prior Tested on: Ubuntu CVE : CVE-2021-31673 Description: A Dom-based Cross-sit...

Cyclos 4.14.7 Cross Site Scripting

Exploit Title: Cyclos 4.14.7 - 'groupId' DOM Based Cross-Site Scripting XSS Date: 17/04/2021 Exploit Author: Tin Pham aka TF1T of VietSunshine Cyber Security Services Vendor Homepage: https://www.cyclos.org/ Version: Cyclos 4.14.7 and prior Tested on: Ubuntu CVE : CVE-2021-31673 Description: A...

Cyclos 4.14.7 - &#039;groupId&#039; DOM Based Cross-Site Scripting (XSS)

Exploit Title: Cyclos 4.14.7 - 'groupId' DOM Based Cross-Site Scripting XSS Date: 17/04/2021 Exploit Author: Tin Pham aka TF1T of VietSunshine Cyber Security Services Vendor Homepage: https://www.cyclos.org/ Version: Cyclos 4.14.7 and prior Tested on: Ubuntu CVE : CVE-2021-31673 Description: A...

CVE-2021-31673

creationtimestamp| type| source ---|---|--- 2022-05-02 07:27:30+00:00| seen| https://t.me/cibsecurity/41705...

CVE-2021-31673

A Dom-based Cross-site scripting XSS vulnerability at registration account in Cyclos 4 PRO.14.7 and before allows remote attackers to inject arbitrary web script or HTML via the groupId parameter...