2118 matches found
CVE-2024-45265
A SQL injection vulnerability in the poll component in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to execute arbitrary SQL commands via the psid parameter...
CVE-2024-45265
CVE-2024-45265 affects SkySystem Arfa-CMS before 5.1.3124. The vulnerability is a SQL injection in the poll component, exploitable via the psid parameter to allow remote attackers to execute arbitrary SQL commands. Root cause is improper handling of user-supplied psid data in the poll module, lea...
PT-2024-31522 · Skysystem · Arfa-Cms
Name of the Vulnerable Software and Affected Versions: SkySystem Arfa-CMS versions prior to 5.1.3124 Description: A SQL injection issue in the poll component allows remote attackers to execute arbitrary SQL commands via the psid parameter. This enables attackers to manipulate database queries,...
SUSE CVE-2023-52895
In the Linux kernel, the following vulnerability has been resolved: iouring/poll: don't reissue in case of poll race on multishot request A previous commit fixed a poll race that can occur, but it's only applicable for multishot requests. For a multishot request, we can safely ignore a spurious...
CVE-2024-43876
In the Linux kernel, the following vulnerability has been resolved: PCI: rcar: Demote WARN to devwarnratelimited in rcarpciewakeup Avoid large backtrace, it is sufficient to warn the user that there has been a link problem. Either the link has failed and the system is in need of maintenance, or t...
CVE-2023-52895
In the Linux kernel, the following vulnerability has been resolved: iouring/poll: don't reissue in case of poll race on multishot request A previous commit fixed a poll race that can occur, but it's only applicable for multishot requests. For a multishot request, we can safely ignore a spurious...
CVE-2023-52914
In the Linux kernel, the following vulnerability has been resolved: iouring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to a request leak. This will eventually stall the ring exit process as well...
CVE-2023-52914
In the Linux kernel, the following vulnerability has been resolved: iouring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to a request leak. This will eventually stall the ring exit process as well...
DEBIAN-CVE-2023-52914
In the Linux kernel, the following vulnerability has been resolved: iouring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to a request leak. This will eventually stall the ring exit process as well...
CVE-2023-52895
In the Linux kernel, the following vulnerability has been resolved: iouring/poll: don't reissue in case of poll race on multishot request A previous commit fixed a poll race that can occur, but it's only applicable for multishot requests. For a multishot request, we can safely ignore a spurious...
DEBIAN-CVE-2023-52895
In the Linux kernel, the following vulnerability has been resolved: iouring/poll: don't reissue in case of poll race on multishot request A previous commit fixed a poll race that can occur, but it's only applicable for multishot requests. For a multishot request, we can safely ignore a spurious...
CVE-2023-52914
In the Linux kernel, the following vulnerability has been resolved: iouring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to a request leak. This will eventually stall the ring exit process as well...
UBUNTU-CVE-2023-52914
In the Linux kernel, the following vulnerability has been resolved: iouring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to a request leak. This will eventually stall the ring exit process as well...
UBUNTU-CVE-2023-52895
In the Linux kernel, the following vulnerability has been resolved: iouring/poll: don't reissue in case of poll race on multishot request A previous commit fixed a poll race that can occur, but it's only applicable for multishot requests. For a multishot request, we can safely ignore a spurious...
CVE-2023-52914 io_uring/poll: add hash if ready poll request can't complete inline
In the Linux kernel, the following vulnerability has been resolved: iouring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to a request leak. This will eventually stall the ring exit process as well...
CVE-2023-52914
The CVE-2023-52914 entry concerns a Linux kernel issue in the io_uring/poll path. The vulnerability arises when a ready poll request cannot complete inline, so a hash is not added, which can lead to loss of access to the poll request and a subsequent request leak, potentially stalling the ring ex...
CVE-2023-52914 io_uring/poll: add hash if ready poll request can't complete inline
In the Linux kernel, the following vulnerability has been resolved: iouring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to a request leak. This will eventually stall the ring exit process as well...
CVE-2023-52914
In the Linux kernel, the following vulnerability has been resolved: iouring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to a request leak. This will eventually stall the ring exit process as well...
CVE-2023-52914 io_uring/poll: add hash if ready poll request can't complete inline
In the Linux kernel, the following vulnerability has been resolved: iouring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to a request leak. This will eventually stall the ring exit process as well...
CVE-2023-52895
CVE-2023-52895 concerns a race in the Linux kernel io_uring/poll for multishot requests. A prior commit fixed a poll race that applies only to multishot, where a spurious wakeup can be ignored since the waitqueue isn’t left. A blunt reissue of a multishot armed request could leak a buffer if prov...