CVE-2023-53768

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Fix out-of-bounds access when allocating config buffers When allocating the 2D array for handling IRQ type registers in regmapaddirqchipfwnode, the intent is to allocate a matrix with numconfigbases rows and...

CVE-2022-50618

In the Linux kernel, the following vulnerability has been resolved: mmc: meson-gx: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmcallochost is leaked. 2. In the remove path, mmcremovehost...

DEBIAN-CVE-2022-50618

In the Linux kernel, the following vulnerability has been resolved: mmc: meson-gx: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmcallochost is leaked. 2. In the remove path, mmcremovehost...

UBUNTU-CVE-2022-50618

In the Linux kernel, the following vulnerability has been resolved: mmc: meson-gx: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmcallochost is leaked. 2. In the remove path, mmcremovehost...

CVE-2022-50618 mmc: meson-gx: fix return value check of mmc_add_host()

In the Linux kernel, the following vulnerability has been resolved: mmc: meson-gx: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmcallochost is leaked. 2. In the remove path, mmcremovehost...

CVE-2022-50618

CVE-2022-50618 affects the Linux kernel in the mmc subsystem for meson-gx, where mmc_add_host() return value is not checked. If it fails, allocated memory in mmc_alloc_host() leaks and, in remove path, mmc_remove_host() may operate on a not-yet-added device, causing a kernel crash via a null-dere...

CVE-2022-50618

In the Linux kernel, the following vulnerability has been resolved: mmc: meson-gx: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmcallochost is leaked. 2. In the remove path, mmcremovehost...

CVE-2022-50618 mmc: meson-gx: fix return value check of mmc_add_host()

In the Linux kernel, the following vulnerability has been resolved: mmc: meson-gx: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmcallochost is leaked. 2. In the remove path, mmcremovehost...

CVE-2025-40306 orangefs: fix xattr related buffer overflow...

In the Linux kernel, the following vulnerability has been resolved: orangefs: fix xattr related buffer overflow... Willy Tarreau forwarded me a message from Disclosure with the following warning: The helper xattrkey uses the pointer variable in the loop condition rather than dereferencing it. As...

Code-Projects Daily Time Recording System SQL注入漏洞

Code-Projects Daily Time Recording System is an open source daily time recording system from Code-Projects. Code-Projects Daily Time Recording System version 4.5.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the detailId parameter in the file...

PT-2025-49547

A vulnerability was detected in code-projects Daily Time Recording System 4.5.0. The impacted element is an unknown function of the file /admin/add payroll.php. Performing manipulation of the argument detail Id results in sql injection. The attack can be initiated remotely. The exploit is now...

PT-2025-49459

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel where the mmc add host function's return value is not properly checked. If mmc add host returns an error, the allocated memory in mmc alloc host is...

Linux Distros Unpatched Vulnerability : CVE-2022-50618

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mmc: meson-gx: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, it will lead two issues: 1. The memory that...

CVE-2025-14195

A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/addfilequery.php. The manipulation of the argument perfile results in unrestricted upload. The attack may be launched remotely. The exploit has been...

CVE-2025-14195 code-projects Employee Profile Management System add_file_query.php unrestricted upload

A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/addfilequery.php. The manipulation of the argument perfile results in unrestricted upload. The attack may be launched remotely. The exploit has been...

Code-Projects Employee Profile Management System 代码问题漏洞

Employee Profile Management System is an employee profile management system. Employee Profile Management System has a code issue vulnerability that stems from the lack of valid validation of uploaded files by the parameter perfile in the file /profiling/addfilequery.php. No details of the...

CVE-2025-14140 UTT 进取 520W websHostFilter strcpy buffer overflow

A vulnerability was detected in UTT 进取 520W 1.7.7-180627. The affected element is the function strcpy of the file /goform/websHostFilter. Performing manipulation of the argument addHostFilter results in buffer overflow. The attack is possible to be carried out remotely. The exploit is now public...

mptcp: fix a race in mptcp_pm_del_add_timer()

...

WordPress Add Custom Codes plugin <= 4.80 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Certus Cybersecurity in WordPress Plugin Add Custom Codes versions = 4.80...

CVE-2025-13144 ContentStudio <= 1.3.7 - Cross-Site Request Forgery to Settings Update

The ContentStudio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.7. This is due to missing or insufficient nonce validation on the addcstusettings function. This makes it possible for unauthenticated attackers to modify plugin settings v...