11470 matches found
EUVD-2025-32738
In the Linux kernel, the following vulnerability has been resolved: clk: Fix memory leak in devmclknotifierregister devmclknotifierregister allocates a devres resource for clk notifier but didn't register that to the device, so the notifier didn't get unregistered on device detach and the allocat...
EUVD-2025-32783
In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix memory leak on adddisk failures When a gendisk is successfully initialized but adddisk fails such as when a loop device has invalid number of minor device numbers specified, blkcginitdisk is called during init...
CVE-2022-50550 blk-iolatency: Fix memory leak on add_disk() failures
In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix memory leak on adddisk failures When a gendisk is successfully initialized but adddisk fails such as when a loop device has invalid number of minor device numbers specified, blkcginitdisk is called during init...
CVE-2022-50550
In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix memory leak on adddisk failures When a gendisk is successfully initialized but adddisk fails such as when a loop device has invalid number of minor device numbers specified, blkcginitdisk is called during init...
CVE-2022-50550
CVE-2022-50550 affects the Linux kernel’s blk-iolatency component. The flaw arises when a gendisk is initialized but add_disk() fails; iolatency is initialized during init but not cleaned up in error handling, causing a memory leak. The root cause is that cleanup previously relied on del_gendisk(...
CVE-2022-50550 blk-iolatency: Fix memory leak on add_disk() failures
In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix memory leak on adddisk failures When a gendisk is successfully initialized but adddisk fails such as when a loop device has invalid number of minor device numbers specified, blkcginitdisk is called during init...
CVE-2023-53645
CVE-2023-53645 : Linux kernel patch fixes a use-after-free risk in BPF non-owning references by making bpf_refcount_acquire fallible. The fix changes the implementation (bpf_refcount_acquire_impl) to use refcount_inc_not_zero and return KF_RET_NULL, preventing increment on a possibly freed object...
CVE-2023-53645 bpf: Make bpf_refcount_acquire fallible for non-owning refs
In the Linux kernel, the following vulnerability has been resolved: bpf: Make bpfrefcountacquire fallible for non-owning refs This patch fixes an incorrect assumption made in the original bpfrefcount series 0, specifically that the BPF program calling bpfrefcountacquire on some node can always...
EUVD-2025-32788
In the Linux kernel, the following vulnerability has been resolved: bpf: Make bpfrefcountacquire fallible for non-owning refs This patch fixes an incorrect assumption made in the original bpfrefcount series 0, specifically that the BPF program calling bpfrefcountacquire on some node can always...
CVE-2023-53645 bpf: Make bpf_refcount_acquire fallible for non-owning refs
In the Linux kernel, the following vulnerability has been resolved: bpf: Make bpfrefcountacquire fallible for non-owning refs This patch fixes an incorrect assumption made in the original bpfrefcount series 0, specifically that the BPF program calling bpfrefcountacquire on some node can always...
CVE-2022-50532
CVE-2022-50532 concerns the Linux kernel SCSI MPT3sas driver. The vulnerability occurs in mpt3sas_transport_port_add(): if sas_rphy_add() returns an error, the resource allocated in sas_end_device_alloc() must be freed via sas_rphy_free(); otherwise a NULL pointer dereference can occur during dev...
CVE-2022-50532 scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add()
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sastransportportadd In mpt3sastransportportadd, if sasrphyadd returns error, sasrphyfree needs be called to free the resource allocated in sasenddevicealloc. Otherwise a kernel...
CVE-2022-50532
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sastransportportadd In mpt3sastransportportadd, if sasrphyadd returns error, sasrphyfree needs be called to free the resource allocated in sasenddevicealloc. Otherwise a kernel...
CVE-2025-11333
A vulnerability was identified in langleyfcu Online Banking System up to 57437e6400ce0ae240e692c24e6346b8d0c17d7a. This impacts an unknown function of the file /customeraddaction.php of the component Add Customer Page. The manipulation of the argument First Name leads to cross site scripting...
CVE-2025-11279
A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. This issue affects some unknown processing of the component Add Work Item Page. The manipulation of the argument Title results in csv injection. The attack can be launched remotely. The exploit is now public and may be...
EUVD-2025-32611
A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function moveuploadedfile of the file add.php of the component Add Student Page/Edit Student Page. Performing manipulation results in unrestricted upload. The attack can be initiated...
CVE-2025-11347
A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function moveuploadedfile of the file add.php of the component Add Student Page/Edit Student Page. Performing manipulation results in unrestricted upload. The attack can be initiated...
CVE-2025-11347
A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function moveuploadedfile of the file add.php of the component Add Student Page/Edit Student Page. Performing manipulation results in unrestricted upload. The attack can be initiated...
CVE-2025-11347
CVE-2025-11347 affects code-projects Student Crud Operation up to 3.3, where the function move_uploaded_file in add.php allows unrestricted file upload. The vulnerability can be triggered remotely and the exploit has been publicized. Affected versions are stated as up to 3.3; sources suggest that...
CVE-2025-11347 code-projects Student Crud Operation Add Student Page/Edit Student add.php move_uploaded_file unrestricted upload
A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function moveuploadedfile of the file add.php of the component Add Student Page/Edit Student Page. Performing manipulation results in unrestricted upload. The attack can be initiated...