19 matches found
Cross-Site Scripting (XSS)
qwc2 is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper handling of user-supplied input in the attribute table, which allows an authorized attacker to inject and execute arbitrary JavaScript code...
x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range()
...
CVE-2025-11183
Cross-Site Scripting vulnerability in attribute table in QGIS QWC2 2025.08.14 allows an authorized attacker to plant arbitrary JavaScript code in the page...
QGIS QWC2 Cross-Site Scripting vulnerability
Cross-Site Scripting vulnerability in attribute table in QGIS QWC2 2025.08.14 allows an authorized attacker to plant arbitrary JavaScript code in the page...
EUVD-2025-34062
QGIS QWC2 Cross-Site Scripting vulnerability...
GHSA-GXP8-M5RQ-3M38 QGIS QWC2 Cross-Site Scripting vulnerability
Cross-Site Scripting vulnerability in attribute table in QGIS QWC2 2025.08.14 allows an authorized attacker to plant arbitrary JavaScript code in the page...
CVE-2025-11183
Cross-Site Scripting vulnerability in attribute table in QGIS QWC2 2025.08.14 allows an authorized attacker to plant arbitrary JavaScript code in the page...
CVE-2025-11183
CVE-2025-11183. QGIS QWC2’s attribute table is vulnerable to Cross-Site Scripting (XSS) due to improper handling of user input, allowing an authorized attacker to inject and execute arbitrary JavaScript in the user’s browser. Affected version: QWC2
CVE-2025-11183 Cross-Site Scripting Vulnerability in QWC2
Cross-Site Scripting vulnerability in attribute table in QGIS QWC2 2025.08.14 allows an authorized attacker to plant arbitrary JavaScript code in the page...
CVE-2025-11183 Cross-Site Scripting Vulnerability in QWC2
Cross-Site Scripting vulnerability in attribute table in QGIS QWC2 2025.08.14 allows an authorized attacker to plant arbitrary JavaScript code in the page...
QGIS QWC2 安全漏洞
QGIS QWC2 is a web front-end client framework from the QGIS organization. A security vulnerability exists in QGIS QWC2 versions prior to 2025.08.14, which stems from a cross-site scripting vulnerability in the attribute table that could lead to an authorized attacker planting arbitrary JavaScript...
PT-2025-41779
Name of the Vulnerable Software and Affected Versions QGIS QWC2 versions prior to 2025.08.14 Description A Cross-Site Scripting issue exists in the attribute table functionality. This allows an authorized attacker to inject arbitrary JavaScript code into the page. Recommendations Update QGIS QWC2...
kernel: x86/mm/pat: fix VM_PAT handling in COW mappings
CVE-2024-35877 pertains to a flaw in the Linux kernel's handling of Page Attribute Table PAT settings during Copy-On-Write COW operations. When a write operation triggers a COW event, the kernel may replace the original page table entries PTEs with anonymous folios. This replacement disrupts the...
kernel: x86/mm/pat: fix VM_PAT handling in COW mappings
CVE-2024-35877 pertains to a flaw in the Linux kernel's handling of Page Attribute Table PAT settings during Copy-On-Write COW operations. When a write operation triggers a COW event, the kernel may replace the original page table entries PTEs with anonymous folios. This replacement disrupts the...
kernel: x86/mm/pat: fix VM_PAT handling in COW mappings
CVE-2024-35877 pertains to a flaw in the Linux kernel's handling of Page Attribute Table PAT settings during Copy-On-Write COW operations. When a write operation triggers a COW event, the kernel may replace the original page table entries PTEs with anonymous folios. This replacement disrupts the...
kernel: x86/mm/pat: fix VM_PAT handling in COW mappings
CVE-2024-35877 pertains to a flaw in the Linux kernel's handling of Page Attribute Table PAT settings during Copy-On-Write COW operations. When a write operation triggers a COW event, the kernel may replace the original page table entries PTEs with anonymous folios. This replacement disrupts the...
SUSE CVE-2024-41018
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add a check for attrnames and oatbl Added out-of-bound checking for ane ATTRNAMEENTRY...
DEBIAN-CVE-2024-42091
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Check pat.ops before dumping PAT settings We may leave pat.ops unset when running on brand new platform or when running as a VF. While the former is unlikely, the latter is valid future use case and will cause NPD when...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a vulnerability in the x86/mm/pat module...