ROOT-OS-DEBIAN-11-CVE-2025-38460 CVE-2025-38460 in rootio-linux - Patched by Root

Root has patched CVE-2025-38460 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

CVE-2025-38460 affecting package kernel for versions less than 5.15.200.1-1

CVE-2025-38460 affecting package kernel for versions less than 5.15.200.1-1. An upgraded version of the package is available that resolves this issue...

BELL-CVE-2025-38460

Bulletin has no description...

CVE-2025-38460

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix potential null-ptr-deref in toatmarpd. atmarpd is protected by RTNL since commit f3a0592b37b8 "ATM: clip causes unregister hang". However, it is not enough because toatmarpd is called without RTNL, especially...

CVE-2025-38460 atm: clip: Fix potential null-ptr-deref in to_atmarpd().

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix potential null-ptr-deref in toatmarpd. atmarpd is protected by RTNL since commit f3a0592b37b8 "ATM: clip causes unregister hang". However, it is not enough because toatmarpd is called without RTNL, especially...

SonarSource SonarQube Server < 9.9.4 / 10.x < 10.4 Information Disclosure (CVE-2024-38460)

The version of SonarSource SonarQube Server running on the remote host is prior to 9.9.4 or 10.x prior to 10.4. It is, therefore, affected by an information disclosure vulnerability: - In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are...

CVE-2023-38460

creationtimestamp| type| source ---|---|--- 2023-09-04 07:22:09+00:00| seen| https://t.me/cibsecurity/69743...

CVE-2023-38460

Summary of CVE-2023-38460 : Multiple connected sources identify a vulnerability in vowifiservice (linked to Unisoc chipsets) caused by a possible missing permission check. The underlying issue enables local privilege escalation with no additional execution privileges, with CVSS/metrics indicating...

CVE-2022-38460

Authenticated contributor+ Stored Cross-Site Scripting XSS vulnerability in NOTICE BOARD plugin = 1.1 at WordPress...

CVE-2022-38460 WordPress NOTICE BOARD plugin <= 1.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated contributor+ Stored Cross-Site Scripting XSS vulnerability in NOTICE BOARD plugin = 1.1 at WordPress...

CVE-2022-38460

CVE-2022-38460 : Authenticated (contributor+) Stored Cross-Site Scripting in the WordPress plugin NOTICE BOARD (versions ≤ 1.1). The vulnerability arises from inadequate data filtering/escaping of user input, enabling XSS when a user with contributor+ privileges interacts with the plugin. Several...

Critical Security Flaws Reported in Moxa MXview Network Management Software

Technical details have been disclosed regarding a number of security vulnerabilities affecting Moxa's MXview web-based network management system, some of which could be chained by an unauthenticated adversary to achieve remote code execution on unpatched servers. The five security weaknesses "cou...

Critical MQTT-Related Bugs Open Industrial Networks to RCE Via Moxa

Critical security vulnerabilities in Moxa’s MXview web-based network management system open the door to an unauthenticated remote code execution RCE as SYSTEM on any unpatched MXview server, researchers warned this week. The five bugs, affecting versions 3.x to 3.2.2, score a collective 10 out of...

CVE-2021-38460 Moxa MXview Network Management Software

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries...

CVE-2021-38460

MXview, version 3.x–3.2.2, contains CVE-2021-38460: a credential leakage/ unprotected transport vulnerability that may allow an attacker to obtain credentials. The condition is tied to password exposure in transit and storage, enabling potential unauthorized access. mitigations documented across ...