5435 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: clk: qcom: ipq8074: Fixed the PCI-E clock-related errors. Fixed kernel errors related to PCI-E clocks caused by a missing clock parent. pcie0rchngclksrc has numparents set to 2, but only one parent is actually set via parenthw...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/eeh: Made the EEH driver’s device hotplug operations safe. Multiple race conditions existed between the PCIe hotplug driver and the EEH driver, leading to various kernel errors of the same general nature: A second type...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: A divide error occurred in ndlabeldatainit. If a faulty CXL memory device returns a incorrect zero LSA size in its memory device information Identified Memory Device Opcode 4000h, CXL Specification 3.1,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdnspcie::ops before using it. cdnspcie::ops may not be populated by all Cadence glue drivers. This is true for the upcoming Sophgo platform, which does not set ops. Therefore, add a check...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disabling ASPM when a multifunction device’s function is removed to avoid use-after-free errors. The struct pcielinkstate-downstream is a pointer to the pcidev of function 0. Previously, we retained this pointer when...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hiding the first-in-list PCIe extended capabilities There are cases where a PCIe extended capability should be hidden from the user. For example, an unknown capability i.e., a capability with an ID greater than...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd: check num of link levels when update pcie param In the SR-IOV environment, the value of pcietable-numoflinklevels will be 0, and numoflevels - 1 will cause an array index out of bounds...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: MIPS: Octeon – Add PCIe link status check The standard PCIe configuration read-write interface is used to access the configuration space of peripheral PCIe devices in the mips processor. After the PCIe link becomes unavailable, i...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fixed the issue where the link state was exited during the removal of an upstream function. Before version 456d8aa37d0f “PCI/ASPM: Disabled ASPM during the removal of an MFD function to avoid use-after-free”, we only...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: nvme-core: fixed a memory leak in dhchapsecretstore Free the dhchapsecret in nvmectrldhchapsecretstore, before returning. Fixed the following kmemleak: Unreferenced object 0xffff8886376ea800 size 64: Command "check", PID 22048...
websec-sql-injection
WebSec SQL Injection Учебный backend-проект по безопасности в...
@clerk/agent-toolkit (>=0.3.1-canary.v20260303211310 <=0.3.16-snapshot.v20260416221307), @clerk/astro (>=3.0.1-canary.v20260303211310 <=3.0.18-snapshot.v20260421194054) +9 more potentially affected by CVE-2026-42349 via @clerk/backend (>=3.0.0 <=3.2.14-snapshot.v20260421194054)
@clerk/backend NPM version =3.0.0, =0.3.1-canary.v20260303211310, =3.0.1-canary.v20260303211310, =2.0.1-canary.v20260303211310, =3.0.1-canary.v20260303211310, =0.0.3-canary.v20260303211310, =7.0.1-canary.v20260303211310, =2.0.1-canary.v20260303211310, =3.0.1-canary.v20260303211310,...
@unhook/cli (>=0.8.0 <=0.15.0) potentially affected by CVE-2026-42349 via @clerk/express (>=1.5.0 <=1.7.63)
@clerk/express NPM version =1.5.0, =0.8.0, =0.15.0 Source cves: CVE-2026-42349 Source advisory: OSV:GHSA-W24R-5266-9C3C...
@maslowai/roster (=3.14.0), drafted (>=1.1.3 <=1.7.20) potentially affected by CVE-2026-42349 via @clerk/express (>=2.0.8 <=2.1.22)
@clerk/express NPM version =2.0.8, =1.1.3, =1.7.20 Source cves: CVE-2026-42349 Source advisory: OSV:GHSA-W24R-5266-9C3C...
Juniper Junos OS Vulnerability (JSA83021)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA83021 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon flowd of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an attacke...
nvme: fix admin queue leak on controller reset
...
OESA-2026-2077 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update Fix a use-after-free which happens due to enslave failure after the new slave has been...
SUSE CVE-2026-31595
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Stop cmdhandler work in epfntbepccleanup Disable the delayed work before clearing BAR mappings and doorbells to avoid running the handler after resources have been torn down. Unable to handle kernel...
CVE-2026-31595
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Stop cmdhandler work in epfntbepccleanup Disable the delayed work before clearing BAR mappings and doorbells to avoid running the handler after resources have been torn down. Unable to handle kernel...
CVE-2026-31594
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Remove duplicate resource teardown epfntbepcdestroy duplicates the teardown that the caller is supposed to perform later. This leads to an oops when .allowlink fails or when .droplink is performed. Th...