16 matches found
CVE-2025-64758
@dependencytrack/frontend is a Single Page Application (SPA) used in Dependency-Track, an open source Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Since version 4.12.0, Dependency-Track users with the SYSTEM_CONFIGURATION permission...
CVE-2025-64758
@dependencytrack/frontend is a Single Page Application (SPA) used in Dependency-Track, an open source Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Since version 4.12.0, Dependency-Track users with the SYSTEM_CONFIGURATION permission...
CVE-2025-64758 @dependencytrack/frontend Vulnerable to Persistent Cross-Site-Scripting via Welcome Message
@dependencytrack/frontend is a Single Page Application (SPA) used in Dependency-Track, an open source Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Since version 4.12.0, Dependency-Track users with the SYSTEM_CONFIGURATION permission...
CVE-2025-64758
CVE-2025-64758 affects Dependency-Track frontend (SPA). From 4.12.0 up to before 4.13.6, administrators with SYSTEM_CONFIGURATION could configure a login-page welcome message that was not properly sanitized, allowing arbitrary JavaScript to execute in users’ browsers. The issue results in a persi...
CVE-2025-64758 @dependencytrack/frontend Vulnerable to Persistent Cross-Site-Scripting via Welcome Message
@dependencytrack/frontend is a Single Page Application (SPA) used in Dependency-Track, an open source Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Since version 4.12.0, Dependency-Track users with the SYSTEM_CONFIGURATION permission...
Dependency-Track Front-End Cross-Site Scripting Vulnerability
Dependency-Track Front-End is the open source front-end UI of Dependency-Track, used for dependency tracking. A cross-site scripting vulnerability exists in Dependency-Track Front-End versions from 4.12.0 up to, but not including, 4.13.6. It stems from improper HTML cleanup and could lead to arbitrary JavaScript...
SUSE CVE-2017-16529
The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device...
CVE-2017-15126
A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event messages. Failure to fork correctly can lead to a situation where a fork event will be removed from an already freed list of events...
Linux kernel local denial of service vulnerability (CNVD-2017-33096)
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local denial of service vulnerability exists in the 'cdc_parse_cdc_header' function in the drivers/usb/core/message.c file in versions of Linux kernel prior to 4.13.6. A local...
Linux kernel local denial of service vulnerability (CNVD-2017-33092)
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local denial of service vulnerability exists in the 'snd_usb_create_streams' function in the sound/usb/card.c file in versions of Linux kernel prior to 4.13.6. A local attacker...
DEBIAN-CVE-2017-16529
The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device...
DEBIAN-CVE-2017-16526
drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device...
UBUNTU-CVE-2017-16526
drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device...
Virtuozzo 7 : readykernel-patch (VZA-2017-100)
According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerability: - It was found that fanout_add in 'net/packet/af_packet.c' in the Linux kernel, before version 4.13.6, allows local users ...
Linux kernel net/packet/af_packet.c file local elevation of privilege vulnerability
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the net/packet/af_packet.c file in versions of Linux kernel prior to 4.13.6. A local attacker can exploit this vulnerability to gain privileg...
PT-2017-3586 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.13.6 Description: A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel. The issue is related to the handling of fork failure when dealing with event messages. Failure to fork correctly can...