PT-2025-26092

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel's Bluetooth functionality has been identified. When the HCI work queue is drained, only queue chained work is allowed, but another delayed work can...

Gauge Functionalities Still Accessible After Being "Killed"

Lines of code Vulnerability details Proof-of-Concept The Voter contract contains a killGauge function that allow the emergency council to kill a gauge. The killGauge function will set the isAlive mapping to false. Thus, calling Voter's functions e.g. Voter.updateGauge, Voter.distributegauge again...

CVE-2022-1882

A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe postonenotification after freepipeinfo that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system...

CVE-2022-1882

A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe postonenotification after freepipeinfo that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system...

[R3] Nessus Version 10.2.0 Fixes Multiple Vulnerabilities

R3 Nessus Version 10.2.0 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 05/26/2022 - 09:30 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components zlib, expat, jQuery UI were found to contain vulnerabilities, and updated versions hav...

CVE-2022-1882

CVE-2022-1882: A use-after-free in Linux kernel pipes handling (pipes.post_one_notification after free_pipe_info) allows a local user to crash the system and potentially escalate privileges. Documented in CVE-2022-1882 with CVSS v3 base 7.8 (LOCAL, LOW complexity, user is not required to interact...

CVE-2022-1882

A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe postonenotification after freepipeinfo that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system...

EulerOS 2.0 SP3 : binutils (EulerOS-SA-2022-1706)

According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An out-of-bounds flaw was found in binutils stabs functionality. The attack needs to be initiated locally where an attacker could convince a...

CVE-2022-1882

A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe postonenotification after freepipeinfo that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system...

Design/Logic Flaw

ManageEngine AppManager15 Build No:15510 allows an authenticated admin user to upload a DLL file to perform a DLL hijack attack inside the 'working' folder through the 'Upload Files / Binaries' functionality...

GHSA-R3RG-JRJQ-W4MR Grav CMS Local File Injection

The Backup functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to read arbitrary local files on the underlying server by exploiting a path-traversal technique. This vulnerability can also be exploited by an unauthenticated attacker due to a lack of CSRF protection...

GHSA-5V5P-X8C2-MQXP Magento 2 Community Edition RCE Vulnerability

A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated user with privileges to create products can craft custom layout update and use import product functionality to enable remote code execution...

Magento 2 Community Edition RCE Vulnerability

A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated user with privileges to create products can craft custom layout update and use import product functionality to enable remote code execution...

GHSA-2CRC-5VQ6-386R Magento 2 Community Edition RCE Vulnerability

A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage plugin functionality related to email templates to manipulate the interceptor class in a way that allows an attacker to execute arbitrary code...

Magento 2 Community Edition RCE Vulnerability

A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage plugin functionality related to email templates to manipulate the interceptor class in a way that allows an attacker to execute arbitrary code...

SUSE-SU-2022:1832-1 Security update for openldap2

This update for openldap2 fixes the following issues: Security: - CVE-2022-29155: Fixed SQL injection in back-sql bsc1199240. Bugfixes: - allow specification of max/min TLS version with TLS1.3 bsc1191157 - libldap was able to be out of step with openldap in some cases which could cause incorrect...

Impossible Clearance of Delegate

Lines of code Vulnerability details ALR-01M: Impossible Clearance of Delegate | File | Lines | Type ---|---|--- AuraLocker.sol | L464-L509 | Code Functionality Description The delegate function disallows clearance of any existing delegation, thereby forcing the user to retain a delegate active...

CVE-2020-6105

An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause Information overwrite resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2018-7711

HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP...

CVE-2020-11060

In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only conceivable by an account...