12 matches found
ROOT-OS-DEBIAN-12-CVE-2026-31712 CVE-2026-31712 in rootio-linux - Patched by Root
Root has patched CVE-2026-31712 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-UBUNTU-2204-CVE-2026-31712 CVE-2026-31712 in rootio-linux - Patched by Root
Root has patched CVE-2026-31712 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...
Linux Distros Unpatched Vulnerability : CVE-2026-31712
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: require minimum ACE size in smbcheckpermdacl Both ACE-walk loops in smbcheckpermdacl only guard against an under-sized remaining buffer, not against an...
DEBIAN-CVE-2026-31712
In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smbcheckpermdacl Both ACE-walk loops in smbcheckpermdacl only guard against an under-sized remaining buffer, not against an ACE whose declared ace-size is smaller than the struct it claims to...
UBUNTU-CVE-2026-31712
In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smbcheckpermdacl Both ACE-walk loops in smbcheckpermdacl only guard against an under-sized remaining buffer, not against an ACE whose declared ace-size is smaller than the struct it claims to...
CVE-2026-31712
In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smbcheckpermdacl Both ACE-walk loops in smbcheckpermdacl only guard against an under-sized remaining buffer, not against an ACE whose declared ace-size is smaller than the struct it claims to...
CVE-2025-31712
In cplog service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed...
CVE-2025-31712
In cplog service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed...
Cross-Site Scripting
Overview react-draft-wysiwyg aka React Draft Wysiwyg before 1.14.6 allows a javascript: URi in a Link Target of the link decorator in decorators/Link/index.js when a draft is shared across users, leading to XSS. Recommendation Upgrade to version 1.14.6 or later References - CVE - GitHub Advisory...
@1studio/ui (>=1.0.7 <=2.83.0), @clickview/player (>=1.24.1-dev.0 <=100.101.0-rc.1) +52 more potentially affected by CVE-2021-31712 via react-draft-wysiwyg (>=1.10.0 <=1.14.5)
react-draft-wysiwyg NPM version =1.10.0, =1.0.7, =1.24.1-dev.0, =0.0.2, =2.1.15, =0.1.0, =1.0.0, =1.0.0, =0.1.1, =0.1.5, =0.8.6, =0.0.15, =2.1.19, =1.0.0, =0.10.5, =0.10.6 and more Source cves: CVE-2021-31712 Source advisory: OSV:GHSA-QCG2-H349-VWM3...
CVE-2021-31712
react-draft-wysiwyg aka React Draft Wysiwyg before 1.14.6 allows a javascript: URi in a Link Target of the link decorator in decorators/Link/index.js when a draft is shared across users, leading to XSS...
CVE-2021-31712
React Draft Wysiwyg (react-draft-wysiwyg) prior to 1.14.6 is vulnerable to XSS via a javascript: URI in a Link Target within decorators/Link/index.js when a draft is shared across users. The issue is documented across multiple feeds (including CVE-2021-31712 entries and Red Hat/Veracode advisorie...