15 matches found
Astra Linux - уязвимость в linux
In drivers/char/virtioconsole.c in the Linux kernel before 5.13.4, data corruption or loss can occur when a trustedless device provides a buf-len value that exceeds the buffer size. NOTE: the vendor indicates that the mentioned data corruption is not a vulnerability in any existing use case; the...
CVE-2026-33742 Invoice Ninja has Stored XSS via Markdown HTML Injection in Product Notes
Invoice Ninja is a source-available invoice, quote, project and time-tracking app built with Laravel. Product notes fields in Invoice Ninja v5.13.0 allow raw HTML via Markdown rendering, enabling stored XSS. The Markdown parser output was not sanitized with purify::clean before being included in...
CVE-2026-33742 Invoice Ninja has Stored XSS via Markdown HTML Injection in Product Notes
Invoice Ninja is a source-available invoice, quote, project and time-tracking app built with Laravel. Product notes fields in Invoice Ninja v5.13.0 allow raw HTML via Markdown rendering, enabling stored XSS. The Markdown parser output was not sanitized with purify::clean before being included in...
EUVD-2021-17286
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414599)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414599 advisory. fs/seqfile.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bound...
Linux Distros Unpatched Vulnerability : CVE-2021-38202
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service out-of-bounds read in strlen by sending NFS traffic...
CVE-2021-30355
Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root...
CVE-2021-30355
Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root...
Design/Logic Flaw
Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root...
GSD-2021-1001197 NFSv4: Initialise connection to the server in nfs4_alloc_client()
NFSv4: Initialise connection to the server in nfs4allocclient This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.13.4 by commit...
GSD-2021-1001187 arch_topology: Avoid use-after-free for scale_freq_data
archtopology: Avoid use-after-free for scalefreqdata This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.13.4 by commit...
UVI-2021-1001177 NFSD: Prevent a possible oops in the nfs_dirent() tracepoint
NFSD: Prevent a possible oops in the nfsdirent tracepoint This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.13.4 by commit...
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations leading to an integer overflow an Out-of-bounds Write and escalation to root by an unprivileged user aka CID-8cae8cd89f05.
...
PT-2021-1515
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 3.16 through 5.13.x before 5.13.4 Description: The issue is related to an integer overflow and out-of-bounds write in the Linux kernel's filesystem layer, specifically in the fs/seq file.c component. This can be exploite...
CVE-2018-10815
An issue was discovered in Cloudera Manager before 5.13.4, 5.14.x before 5.14.4, and 5.15.x before 5.15.1. A read-only user can access sensitive cluster information...