ROOT-OS-UBUNTU-2404-CVE-2025-38391 CVE-2025-38391 in rootio-linux - Patched by Root

Root has patched CVE-2025-38391 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

CVE-2025-38391 affecting package kernel for versions less than 6.6.104.2-1

CVE-2025-38391 affecting package kernel for versions less than 6.6.104.2-1. An upgraded version of the package is available that resolves this issue...

SUSE CVE-2025-38391

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: do not index invalid pinassignments A poorly implemented DisplayPort Alt Mode port partner can indicate that its pin assignment capabilities are greater than the maximum value, DPPINASSIGNF. In...

AZL-65687 CVE-2025-38391 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: do not index invalid pinassignments A poorly implemented DisplayPort Alt Mode port partner can indicate that its pin assignment capabilities are greater than the maximum value, DPPINASSIGNF. In...

CVE-2025-38391

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: do not index invalid pinassignments A poorly implemented DisplayPort Alt Mode port partner can indicate that its pin assignment capabilities are greater than the maximum value, DPPINASSIGNF. In...

CVE-2025-38391

CVE-2025-38391 in the Linux kernel addresses a vulnerability in USB Type-C Alt Mode handling for DisplayPort. A misbehaving port partner could claim pin assignment capabilities beyond the valid range, causing an out-of-bounds access in pin_assignment_show. The fix adds a DP_PIN_ASSIGN_MAX constan...

CVE-2025-38391 usb: typec: altmodes/displayport: do not index invalid pin_assignments

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: do not index invalid pinassignments A poorly implemented DisplayPort Alt Mode port partner can indicate that its pin assignment capabilities are greater than the maximum value, DPPINASSIGNF. In...

Linux Distros Unpatched Vulnerability : CVE-2024-38391

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. CVE-2024-38391 Note that Nessus relies on the presence of the packag...

Oracle Linux 9 : kernel (ELSA-2024-5363)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5363 advisory. - net: fix dstnegativeadvice race CKI Backport Bot RHEL-46798 CVE-2024-36971 - net: annotate data-races around sk-skdstpendingconfirm CKI Backport Bot...

UBUNTU-CVE-2024-38391

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-38391

Removed by vendor...

CVE-2023-38391

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themesgrove Onepage Builder allows SQL Injection.This issue affects Onepage Builder: from n/a through 2.4.1...

CVE-2023-38391 WordPress Onepage Builder – Easiest Landing Page Builder For WordPress Plugin <= 2.4.1 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themesgrove Onepage Builder allows SQL Injection.This issue affects Onepage Builder: from n/a through 2.4.1...

CVE-2023-38391

CVE-2023-38391 is an SQL injection vulnerability in the WordPress plugin tx-onepager/Onepage Builder (also referred to as Onepage Builder) affecting versions n/a through 2.4.1. The root cause is improper neutralization of input in SQL commands, enabling an unauthenticated attacker to manipulate q...

CVE-2022-38391

CVE-2022-38391 affects IBM Spectrum Control 5.4, where the vulnerability stems from the use of weaker-than-expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Concrete details across sources confirm the affected product/version and the cryptogra...

Delta Electronics DIAEnergie Blind SQLi (CVE-2021-38391)

Binary data deltaelectronicsdiaenergiecve-2021-38391.nbin...

Delta Electronics DIAEnergie SQL Injection (CVE-2021-38391)

An SQL injection exists in Delta Industrial Automation DIAEnergie. The vulnerability is due to an input validation error when processing the type parameter in the AMHandler.ashx endpoint...

CVE-2021-38391

The CVE-2021-38391 entry describes a Blind SQL injection in Delta Electronics DIAEnergie—specifically the /DataHandler/AM/AM_Handler.ashx endpoint. Affects DIAEnergie versions up to 1.7.5 (and earlier); root cause is improper validation of the type parameter before including it in an SQL query, a...