PT-2025-42737

Name of the Vulnerable Software and Affected Versions golang versions 1.15 golang versions 1.19 Description An issue exists in the archive/tar package within golang that involves an unbounded allocation during the parsing of GNU sparse map files. This can lead to excessive memory consumption and...

PT-2026-20420

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to memory protection on LoongArch platforms. Specifically, the protection map was not correctly set for Virtual Memory Areas VMAs configured as ...

WordPress Interactive UK Map plugin <= 3.4.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

CSRF to Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Interactive UK Map versions = 3.4.8...

CVE-2024-56719

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 "net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data" moved the assignment of txskbuffdma's members to be later in stmmactsoxmit. The buf dma...

SUSE CVE-2024-56710

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in cephdirectreadwrite The bvecs array which is allocated in itergetbvecsalloc is leaked and pages remain pinned if cephallocsparseextmap fails. There is no need to delay the allocation of sparseext map unti...

CVE-2024-13021

A vulnerability, which was classified as problematic, has been found in SourceCodester Road Accident Map Marker 1.0. Affected by this issue is some unknown functionality of the file /endpoint/add-mark.php. The manipulation of the argument markname/details leads to cross site scripting. The attack...

CVE-2024-13021

A vulnerability, which was classified as problematic, has been found in SourceCodester Road Accident Map Marker 1.0. Affected by this issue is some unknown functionality of the file /endpoint/add-mark.php. The manipulation of the argument markname/details leads to cross site scripting. The attack...

CVE-2024-13021

CVE-2024-13021 affects SourceCodester Road Accident Map Marker 1.0. The issue is a stored/reflective cross-site scripting vulnerability in the /endpoint/add-mark.php endpoint, triggered by manipulating the mark_name/details parameters. The public exploit is reported, and multiple sources corrobor...

CVE-2024-56592

In the Linux kernel, the following vulnerability has been resolved: bpf: Call freehtabelem after htabunlockbucket For htab of maps, when the map is removed from the htab, it may hold the last reference of the map. bpfmapfdputptr will invoke bpfmapfreeid to free the id of the removed map element...

CVE-2024-56719

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 "net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data" moved the assignment of txskbuffdma's members to be later in stmmactsoxmit. The buf dma...

DEBIAN-CVE-2024-56719

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 "net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data" moved the assignment of txskbuffdma's members to be later in stmmactsoxmit. The buf dma...

UBUNTU-CVE-2024-56719

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 "net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data" moved the assignment of txskbuffdma's members to be later in stmmactsoxmit. The buf dma...

UBUNTU-CVE-2024-56710

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in cephdirectreadwrite The bvecs array which is allocated in itergetbvecsalloc is leaked and pages remain pinned if cephallocsparseextmap fails. There is no need to delay the allocation of sparseext map unti...

CVE-2024-56719

CVE-2024-56719 affects the Linux kernel net driver stmmac (TSO DMA path). The root cause was unbalanced DMA map/unmap: tx_skbuff_dma[] was populated later in stmmac_tso_xmit(), causing the dma cookie used by dma_unmap_single() to differ from dma_map_single() when priv-&gt;dma_cap.addr64 &gt; 32. ...

SourceCodester Road Accident Map Marker 代码注入漏洞

SourceCodester Road Accident Map Marker is a SourceCodester open source road accident map marker project. A code injection vulnerability exists in SourceCodester Road Accident Map Marker version 1.0, which stems from a cross-site scripting attack due to incorrect manipulation of the markname...

SUSE CVE-2024-53226

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix NULL pointer derefernce in hnsrocemapmrsg ibmapmrsg allows ULPs to specify NULL as the sgoffset argument. The driver needs to check whether it is a NULL pointer before dereferencing it...

SUSE CVE-2024-56532

In the Linux kernel, the following vulnerability has been resolved: ALSA: us122l: Use sndcardfreewhenclosed at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses sndcardfree at disconnection, but this waits for the close of all...

DEBIAN-CVE-2024-56664

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close Element replace with a socket different from the one stored may race with socket's close link popping & unlinking. sockmapdelete unconditionally unrefs the wrong element: /...

DEBIAN-CVE-2024-56615

In the Linux kernel, the following vulnerability has been resolved: bpf: fix OOB devmap writes when deleting elements Jordy reported issue against XSKMAP which also applies to DEVMAP - the index used for accessing map entry, due to being a signed integer, causes the OOB writes. Fix is simple as...

DEBIAN-CVE-2024-56614

In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xskmapdeleteelem function an unsigned integer map-maxentries is compared with a user-controlled signed integer k. Due to implicit type conversion, a large unsign...