24 matches found
ROOT-OS-DEBIAN-12-CVE-2025-38691 CVE-2025-38691 in rootio-linux - Patched by Root
Root has patched CVE-2025-38691 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-38691 CVE-2025-38691 in rootio-linux - Patched by Root
Root has patched CVE-2025-38691 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2204-CVE-2025-38691 CVE-2025-38691 in rootio-linux - Patched by Root
Root has patched CVE-2025-38691 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...
Siemens SIMATIC S7-1500 Use of Uninitialized Resource (CVE-2025-38691)
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the layoutupdatepages page array...
EUVD-2025-38691
Malicious code in xaver-nasiuduk93-ruro npm...
CVE-2025-38691 affecting package kernel for versions less than 6.6.104.2-1
CVE-2025-38691 affecting package kernel for versions less than 6.6.104.2-1. An upgraded version of the package is available that resolves this issue...
Linux Distros Unpatched Vulnerability : CVE-2025-38691
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larg...
CVE-2025-38691
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the "layoutupdatepages" page arr...
AZL-73920 CVE-2025-38691 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the "layoutupdatepages" page arr...
CVE-2025-38691
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the "layoutupdatepages" page arr...
CVE-2022-38691
creationtimestamp| type| source ---|---|--- 2025-09-01 09:14:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lxrbay2bbr2j 2025-09-02 21:02:33+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lxuzbcfd7e2b...
MAL-2025-38691 Malicious code in vulcan-docusaurus-quark-mineralogy (npm)
The package vulcan-docusaurus-quark-mineralogy was found to contain malicious code...
CVE-2023-38691
matrix-appservice-bridge provides an API for setting up bridges. Starting in version 4.0.0 and prior to versions 8.1.2 and 9.0.1, a malicious Matrix server can use a foreign user's MXID in an OpenID exchange, allowing a bad actor to impersonate users when using the provisioning API. The library...
CVE-2024-38691 WordPress Metorik plugin <= 1.7.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Metorik Metorik – Reports & Email Automation for WooCommerce allows Cross Site Request Forgery.This issue affects Metorik – Reports & Email Automation for WooCommerce: from n/a through 1.7.1...
CVE-2024-38691 WordPress Metorik plugin <= 1.7.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Metorik Metorik – Reports & Email Automation for WooCommerce metorik-helper allows Cross Site Request Forgery.This issue affects Metorik – Reports & Email Automation for WooCommerce: from n/a through = 1.7.1...
CVE-2024-38691
CVE-2024-38691 affects the Metorik – Reports & Email Automation for WooCommerce WordPress plugin (
CVE-2023-38691
creationtimestamp| type| source ---|---|--- 2023-08-04 20:40:58+00:00| seen| Telegram/fcgQ1damO87-NMVO6KgFK2mX7sEweNwJptjytypSAXDLDI...
matrix-appservice-irc (=0.36.0) potentially affected by CVE-2023-38691 via matrix-appservice-bridge (=6.0.0)
matrix-appservice-bridge NPM version =6.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on matrix-appservice-bridge and may be impacted: - matrix-appservice-irc =0.36.0 Source cves: CVE-2023-38691 Source advisory: OSV:GHSA-VC7J-H8XG-FV5X...
CVE-2023-38691 matrix-appservice-bridge doesn't verify the sub parameter of an openId token exhange, allowing unauthorized access to provisioning APIs
matrix-appservice-bridge provides an API for setting up bridges. Starting in version 4.0.0 and prior to versions 8.1.2 and 9.0.1, a malicious Matrix server can use a foreign user's MXID in an OpenID exchange, allowing a bad actor to impersonate users when using the provisioning API. The library...
CVE-2023-38691 matrix-appservice-bridge doesn't verify the sub parameter of an openId token exhange, allowing unauthorized access to provisioning APIs
matrix-appservice-bridge provides an API for setting up bridges. Starting in version 4.0.0 and prior to versions 8.1.2 and 9.0.1, a malicious Matrix server can use a foreign user's MXID in an OpenID exchange, allowing a bad actor to impersonate users when using the provisioning API. The library...