ROOT-OS-UBUNTU-2204-CVE-2022-49296 CVE-2022-49296 in rootio-linux - Patched by Root

Root has patched CVE-2022-49296 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

CVE-2023-49296

The Arduino Create Agent allows users to use the Arduino Create applications to upload code to any USB connected Arduino board directly from the browser. A vulnerability in versions prior to 1.3.6 affects the endpoint /certificate.crt and the way the web interface of the ArduinoCreateAgent handle...

EUVD-2025-49296

Malicious code in straightforwardgerbilz3n npm...

CVE-2025-49296

Path Traversal: '.../...//' vulnerability in Mikado-Themes GrandPrix grandprix allows PHP Local File Inclusion.This issue affects GrandPrix: from n/a through = 1.6...

CVE-2025-49296 WordPress GrandPrix <= 1.6 - Local File Inclusion Vulnerability

Path Traversal vulnerability in Mikado-Themes GrandPrix allows PHP Local File Inclusion. This issue affects GrandPrix: from n/a through 1.6...

WordPress GrandPrix Theme <= 1.6 is vulnerable to Local File Inclusion

Software GrandPrix Type Theme Vulnerable versions = 1.6 Fixed in 1.6.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-49296 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID c52f8c6d6e9e Credits Bonds Required privilege Unauthenticated Publishe...

Linux Distros Unpatched Vulnerability : CVE-2022-49296

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ceph: fix possible deadlock when holding Fwb to get inlinedata 1, mount with wsync. 2, create a file with ORDWR, and the request was sent to mds.0:...

CVE-2022-49296

creationtimestamp| type| source ---|---|--- 2025-02-26 02:23:18+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5421 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8 2026-03-19 00:00:00+00:00| seen|...

CVE-2022-49296 ceph: fix possible deadlock when holding Fwb to get inline_data

In the Linux kernel, the following vulnerability has been resolved: ceph: fix possible deadlock when holding Fwb to get inlinedata 1, mount with wsync. 2, create a file with ORDWR, and the request was sent to mds.0: cephatomicopen-- cephmdscdorequestopenc finishopenfile, dentry, cephopen--...

CVE-2022-49296 ceph: fix possible deadlock when holding Fwb to get inline_data

In the Linux kernel, the following vulnerability has been resolved: ceph: fix possible deadlock when holding Fwb to get inlinedata 1, mount with wsync. 2, create a file with ORDWR, and the request was sent to mds.0: cephatomicopen-- cephmdscdorequestopenc finishopenfile, dentry, cephopen--...

CVE-2022-49296

CVE-2022-49296: Linux kernel Ceph deadlock when holding Fwb to get inline_data. The vulnerability arises during cephfs/cephmds inline data handling (inline_version logic) causing a deadlock involving Fwb/Fsr caps during the getattr sequence, potentially locking the system. Connected docs indicate...

CVE-2022-49296

In the Linux kernel, the following vulnerability has been resolved: ceph: fix possible deadlock when holding Fwb to get inlinedata 1, mount with wsync. 2, create a file with ORDWR, and the request was sent to mds.0: cephatomicopen-- cephmdscdorequestopenc finishopenfile, dentry, cephopen--...

CVE-2024-49296

creationtimestamp| type| source ---|---|--- 2024-10-17 21:40:19+00:00| seen| https://t.me/cvedetector/8230...

CVE-2024-49296

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JC Custom Add to Cart Button Label and Link woo-custom-cart-button allows Stored XSS.This issue affects Custom Add to Cart Button Label and Link: from n/a through = 1.6.1...

WordPress Custom Add to Cart Button Label and Link Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)

Software Custom Add to Cart Button Label and Link Type Plugin Vulnerable versions = 1.6.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49296 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 21931c0098d9 Credits LVT-tholv2k...

CVE-2023-49296

creationtimestamp| type| source ---|---|--- 2024-01-10 14:07:03+00:00| seen| https://t.me/ctinow/165790...

CVE-2023-49296

The CVE-2023-49296 vulnerability affects the Arduino Create Agent prior to version 1.3.6, where the /certificate.crt endpoint and error-message handling allow Reflected Cross-Site Scripting. An attacker can lure a user to click a malicious link, enabling arbitrary client-side code execution in th...