ROOT-OS-DEBIAN-11-CVE-2024-35840 CVE-2024-35840 in rootio-linux - Patched by Root

Root has patched CVE-2024-35840 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

SUSE SLES15 Security Update : kernel (SUSE-SU-2025:01967-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01967-1 advisory. The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were...

SUSE-SU-2025:01964-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. - CVE-2024-35840: mptcp: use OPTIONMPTCPMPJSYNACK in subflowfinishconnect...

BELL-CVE-2024-35840

Bulletin has no description...

CVE-2024-35840 mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()

In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTIONMPTCPMPJSYNACK in subflowfinishconnect subflowfinishconnect uses four fields backup, joinid, thmac, none that may contain garbage unless OPTIONMPTCPMPJSYNACK has been set in mptcpparseoption...

CVE-2024-35840 mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()

In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTIONMPTCPMPJSYNACK in subflowfinishconnect subflowfinishconnect uses four fields backup, joinid, thmac, none that may contain garbage unless OPTIONMPTCPMPJSYNACK has been set in mptcpparseoption...

elFinder < 2.1.62 Path Traversal Vulnerability (GHSA-wm5g-p99q-66g4)

elFinder is prone to a path traversal vulnerability in the PHP LocalVolumeDriver connector. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

CVE-2023-35840

creationtimestamp| type| source ---|---|--- 2023-06-23 10:59:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/8540 2023-06-24 16:36:08+00:00| published-proof-of-concept| https://t.me/crackcodes/3726 2023-06-24 16:36:58+00:00| published-proof-of-concept|...

CVE-2023-35840

joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector...

CVE-2022-35840 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

...

CVE-2022-35840

Technical details about CVE-2022-35840 are not publicly available in the provided documents. Monitor for updates from the cited sources to learn affected products, impact, and remediation.

CVE-2020-35840

CVE-2020-35840 is a stored XSS vulnerability in multiple NETGEAR routers (e.g., D6200, D7000, JNR1010v2, JR6150, JWNR2010v5, R60x/R62x/R6260 series, R6050/R6080, WNR1000v4, WNR2020, WNR2050, etc.) across various vendor firmware versions listed in the description. The root cause is unsanitized inp...