Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a race condition in machidtoggleemumouse, which could result in a list add error...

PT-2025-52974

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the powerpc/pseries architecture within the ibmebus bus init function of the Linux kernel. If the device register function returns an error during the...

PT-2025-52941

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the mtk probe function within the mtk eth soc module of the Linux kernel's networking subsystem. Specifically, if the mtk wed add hw function is called, the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unchecked mmcaddhost return value, which could lead to a memory leak and kernel crash...

PT-2025-53048

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue was resolved in the Linux kernel related to the UBI file system. The issue occurs when the insert old idx function fails during a specific process involving znode...

PT-2025-53194

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the s390/dcssblk subsystem, potentially leading to a kernel crash due to list add corruption. The issue stems from missing dax remove host...

Linux Distros Unpatched Vulnerability : CVE-2023-54002

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix assertion of exclop condition when starting balance Balance as exclusive state is compatible with paused balance and device add, which makes some...

Linux Distros Unpatched Vulnerability : CVE-2023-54087

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ubi: Fix possible null-ptr-deref in ubifreevolume It willl cause null-ptr-deref in the following case: uifinit ubiaddvolume cdevadd - if it fails, call...

CVE-2025-15049

The CVE-2025-15049 entry applies to code-projects Online Farm System 1.0, where the vulnerability is in an unknown function of /addProduct.php. The flaw is a SQL injection triggered by manipulating the Username parameter, with remote initiation and a publicly available exploit. These details are ...

CVE-2025-68340

In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...

CVE-2025-68340

CVE-2025-68340 (Linux kernel): A race/logic sequencing issue in the team device code can hang when adding a port device (e.g., gre0) configured as UP. Root cause: moving team_dev_type_check_change to after subsequent checks caused header_ops to switch from eth_header to ipgre_header mid-execution...

CVE-2025-68340 team: Move team device type change at the end of team_port_add

In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...

CVE-2025-68340

In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...

EUVD-2021-34744

Hasura GraphQL 1.3.3 contains a server-side request forgery vulnerability that allows attackers to inject arbitrary remote schema URLs through the addremoteschema endpoint. Attackers can exploit the vulnerability by sending crafted POST requests to the /v1/query endpoint with malicious URL...

PT-2025-52756

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the team device driver. Specifically, the issue arises when adding a port device that is already in an 'up' state. This can lead to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improper device type change in teamportadd, which could lead to a crash...

CVE-2021-47715 Hasura GraphQL 1.3.3 Server-Side Request Forgery via Remote Schema Injection

Hasura GraphQL 1.3.3 contains a server-side request forgery vulnerability that allows attackers to inject arbitrary remote schema URLs through the addremoteschema endpoint. Attackers can exploit the vulnerability by sending crafted POST requests to the /v1/query endpoint with malicious URL...

CVE-2021-47715

Hasura GraphQL Engine 1.3.3 is exposed to a server-side request forgery via the add_remote_schema endpoint. The underlying issue allows injection of arbitrary remote schema URLs by crafting POST requests to /v1/query, potentially enabling access to internal network resources. Affected component: ...

CVE-2021-47715 Hasura GraphQL 1.3.3 Server-Side Request Forgery via Remote Schema Injection

Hasura GraphQL 1.3.3 contains a server-side request forgery vulnerability that allows attackers to inject arbitrary remote schema URLs through the addremoteschema endpoint. Attackers can exploit the vulnerability by sending crafted POST requests to the /v1/query endpoint with malicious URL...

CVE-2025-13329

The File Uploader for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the callback function for the 'add-image-data' REST API endpoint in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers ...