14 matches found
CVE-2025-49000
InvenTree (before v0.17.13) has an unbounded skip field in the built-in label-sheet plugin. An authenticated label-printing user can trigger a denial-of-service via memory exhaustion by supplying a large value, as described in CVE-2025-49000. The issue is fixed in v0.17.13 and higher. No workarou...
CVE-2025-49000 InvenTree has uncontrolled memory allocation via built-in label-sheet plugin
InvenTree is an Open Source Inventory Management System. Prior to version 0.17.13, the skip field in the built-in label-sheet plugin lacks an upper bound, so a large value forces the server to allocate an enormous Python list. This lets any authenticated label-printing user trigger a...
CVE-2025-49000 InvenTree has uncontrolled memory allocation via built-in label-sheet plugin
InvenTree is an Open Source Inventory Management System. Prior to version 0.17.13, the skip field in the built-in label-sheet plugin lacks an upper bound, so a large value forces the server to allocate an enormous Python list. This lets any authenticated label-printing user trigger a...
Linux Distros Unpatched Vulnerability : CVE-2022-49000
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iommu/vt-d: Fix PCI device refcount leak in has_external_pci(). for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The Linux Enterprise 12 SP5 kernel turned LTSS Extended Security. The following security bugs were fixed: CVE-2021-46936: Fixed use-after-free in tw_timer_handler (bsc#1220439). CVE-2021-47163: kABI fix for tipc:...
SUSE-SU-2024:4100-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The Linux Enterprise 12 SP5 kernel turned LTSS Extended Security. The following security bugs were fixed: - CVE-2021-46936: Fixed use-after-free in tw_timer_handler (bsc#1220439). - CVE-2021-47163: kABI fix for...
CVE-2024-49000
SQL Server Native Client Remote Code Execution Vulnerability...
CVE-2022-49000
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in has_external_pci(). for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase the reference count for the returned pci_dev and also decrease the...
CVE-2022-49000
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in has_external_pci(). for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase the reference count for the returned pci_dev and also decrease the...
CVE-2022-49000
CVE-2022-49000 – Linux kernel (iommu/vt-d) refcount leak fix. The issue stems from for_each_pci_dev() implemented via pci_get_device(); the returned pci_dev’s reference count is incremented, but input dev is not always decremented, leading to a potential refcount leak. The patch adds a pci_dev_p...
CVE-2022-49000 iommu/vt-d: Fix PCI device refcount leak in has_external_pci()
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in has_external_pci(). for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase the reference count for the returned pci_dev and also decrease the...
CVE-2022-49000
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in has_external_pci(). for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase the reference count for the returned pci_dev and also decrease the...
CVE-2023-49000
creationtimestamp | type | source
---|---|---
2023-12-27 23:26:07+00:00 | seen | https://t.me/ctinow/159834
2023-12-29 12:06:10+00:00 | seen | https://t.me/arpsyndicate/2246
2024-01-19 16:41:54+00:00 | seen | https://t.me/ctinow/170269
...
CVE-2023-49000
Affected software: ArtistScope ArtisBrowser (versions 34.1.5 and earlier). Vulnerability: Bypass of intended access restrictions via interaction with the com.artis.browser.IntentReceiverActivity component. Root cause/notes: Issue described across multiple sources; vendor disputes that ArtisBrowse...