86 matches found
proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al
...
CVE-2025-9739 Campcodes Online Water Billing System process.php sql injection
A vulnerability has been found in Campcodes Online Water Billing System 1.0. Affected by this issue is some unknown functionality of the file /process.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out remotely. The exploit has been...
CVE-2025-9475
A flaw has been found in SourceCodester Human Resource Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /AdminDashboard/process/editemployeeprocess.php. This manipulation of the argument employeefile201 causes unrestricted upload. The attack may be...
Linux Distros Unpatched Vulnerability : CVE-2017-14102
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MIMEDefang 2.80 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by...
Linux Distros Unpatched Vulnerability : CVE-2025-38003
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: bcm: add missing rcu read protection for procfs content When the procfs content is generated for a bcmop which is in the process to be removed the procfs...
TencentOS Server 3: polkit (TSSA-2022:0032)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0032 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2024-3524
A vulnerability, which was classified as problematic, has been found in Campcodes Online Event Management System 1.0. This issue affects some unknown processing of the file /views/process.php. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotel...
DEBIAN-CVE-2023-53118
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a procfs host directory removal regression scsiprochostdirrm decreases a reference counter and hence must only be called once per host that is removed. This change does not require a scsiaddhostwithdma change sinc...
CVE-2025-4058
A vulnerability classified as critical has been found in Projectworlds Online Examination System 1.0. This affects an unknown part of the file /Bloodgroopprocess.php. The manipulation of the argument PatBloodGroup1 leads to sql injection. It is possible to initiate the attack remotely. The exploi...
kernel: nfs: Handle error of rpc_proc_register() in nfs_net_init().
In the Linux kernel, the following vulnerability has been resolved: nfs: Handle error of rpcprocregister in nfsnetinit. syzkaller reported a warning 0 triggered while destroying immature netns. rpcprocregister was called in initnfsfs, but its error has been ignored since at least the initial comm...
AZL-59604 CVE-2025-21999 affecting package kernel for versions less than 5.15.180.1-1
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...
kernel: can: bcm: Fix UAF in bcm_proc_show()
In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcmprocshow BUG: KASAN: slab-use-after-free in bcmprocshow+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153-gc8746099c197 230 Hardwar...
Linux Distros Unpatched Vulnerability : CVE-2021-4115
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this...
kernel: scsi: core: Fix unremoved procfs host directory regression
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression The Linux kernel CVE team has assigned CVE-2024-26935 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050124-CVE-2024-26935-8b4e@gregkh/T...
SUSE CVE-2025-21646
In the Linux kernel, the following vulnerability has been resolved: afs: Fix the maximum cell name length The kafs filesystem limits the maximum length of a cell to 256 bytes, but a problem occurs if someone actually does that: kafs tries to create a directory under /proc/net/afs/ with the name o...
CVE-2024-13002
A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /orderprocess.php. The manipulation of the argument fnm leads to sql injection. The attack can be launched remotely...
CVE-2024-13002 1000 Projects Bookstore Management System order_process.php sql injection
A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /orderprocess.php. The manipulation of the argument fnm leads to sql injection. The attack can be launched remotely...
PT-2024-17862 · Unknown · 1000 Projects Bookstore Management System
Name of the Vulnerable Software and Affected Versions: 1000 Projects Bookstore Management System version 1.0 Description: A critical issue has been found in the 1000 Projects Bookstore Management System. It affects an unknown functionality of the file /order process.php. The manipulation of the f...
CVE-2024-12953
A vulnerability, which was classified as critical, has been found in 1000 Projects Portfolio Management System MCA 1.0. Affected by this issue is some unknown functionality of the file /updatepdprocess.php. The manipulation of the argument profile leads to unrestricted upload. The attack may be...
PT-2024-17825 · Unknown · 1000 Projects Portfolio Management System Mca
Name of the Vulnerable Software and Affected Versions: 1000 Projects Portfolio Management System MCA version 1.0 Description: A critical issue has been found in the 1000 Projects Portfolio Management System MCA, affecting some unknown functionality of the file /update pd process.php. The...