8 matches found
SUSE CVE-2025-39699
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: prevent NULL deref in iovatophys The riscviommuptefetch function returns either NULL for unmapped/never-mapped iova, or a valid leaf pte pointer that requires no further validation. riscviommuiovatophys failed to...
CVE-2025-39699
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: prevent NULL deref in iovatophys The riscviommuptefetch function returns either NULL for unmapped/never-mapped iova, or a valid leaf pte pointer that requires no further validation. riscviommuiovatophys failed to...
CVE-2025-39699
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: prevent NULL deref in iovatophys The riscviommuptefetch function returns either NULL for unmapped/never-mapped iova, or a valid leaf pte pointer that requires no further validation. riscviommuiovatophys failed to...
MAL-2025-39699 Malicious code in xenos-solis-markdownlint-izar (npm)
The package xenos-solis-markdownlint-izar was found to contain malicious code...
CVE-2024-39699 Directus has a Blind SSRF On File Import
Directus is a real-time API and App dashboard for managing SQL database content. There was already a reported SSRF vulnerability via file import. It was fixed by resolving all DNS names and checking if the requested IP is an internal IP address. However it is possible to bypass this security...
@deconz-community/directus-extension-ddf-store (=0.1.0), datacore-mv (=10.3.0) +2 more potentially affected by CVE-2024-39699 via @directus/api (>=10.0.0 <=17.0.1)
@directus/api NPM version =10.0.0, =10.0.0, =1.0.0, =1.1.2 Source cves: CVE-2024-39699 Source advisory: OSV:GHSA-8P72-RCQ4-H6PW...
CVE-2024-39699
creationtimestamp| type| source ---|---|--- 2024-07-08 12:27:48+00:00| published-proof-of-concept| https://github.com/directus/directus/security/advisories/GHSA-8p72-rcq4-h6pw 2024-07-08 18:40:33+00:00| seen| https://t.me/cvedetector/190...
CVE-2023-39699
CVE-2023-39699 affects IceWarp Mail Server v10.4.5 via a Local File Inclusion (LFI) in the /calendar/minimizer/index.php component. The vulnerability allows an attacker to include or execute files from the server’s local filesystem. Documented impact is high (potential code execution/unauthorized...