Lucene search
+L

92 matches found

Cvelist
Cvelist
added 2025/09/04 3:32 p.m.12 views

CVE-2025-38684 net/sched: ets: use old 'nbands' while purging unused classes

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: use old 'nbands' while purging unused classes Shuang reported schets test-case 1 crashing in etsclassqlennotify after recent changes from Lion 2. The problem is: in etsqdiscchange we purge unused DWRR queues; the...

0.0016EPSS
Exploits0References8
CVE
CVE
added 2025/09/04 3:32 p.m.53 views

CVE-2025-38684

CVE-2025-38684 affects the Linux kernel’s net/sched ETS implementation. The issue arose from purging unused DRR queues during ets_qdisc_change(), where the code used the new value of q->nbands for cleanup. The fix ensures the purge uses the old values of q->nbands (and q->nstrict), so pu...

5.5CVSS5.6AI score0.0016EPSS
Exploits0References11Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.10 views

Oracle Linux 10 : kernel (ELSA-2025-13598)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-13598 advisory. - wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds - CVE-2025-38159 - Revert 'smb: client: fix TCP timers deadlock after rmmod'...

7.8CVSS7.3AI score0.00225EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.5 views

PT-2025-35957

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.0-116.el10.x86 64 Description A flaw was discovered in the Linux kernel's sch ets module related to the handling of queue bands during the purging of unused classes. Specifically, the code used an outdated...

5.5CVSS5.9AI score0.0016EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/07/11 7:0 a.m.5 views

net_sched: drr: Fix double list add in class with netem as child qdisc

...

7CVSS7.4AI score0.00166EPSS
Exploits0
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog. The qdisctreereducebacklog function only notifies the parent qdisc if the child qdisc becomes empty. Therefore, we need to reduce the backlog of the child qdisc before calli...

7.8CVSS6.2AI score0.0029EPSS
Exploits0References3
OSV
OSV
added 2025/05/20 4:15 p.m.4 views

UBUNTU-CVE-2025-37915

In the Linux kernel, the following vulnerability has been resolved: netsched: drr: Fix double list add in class with netem as child qdisc As described in Gerrard's report 1, there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant. In the case of drr,...

7CVSS6.3AI score0.00166EPSS
Exploits0References41
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.8 views

kernel: ACPI: PAD: fix crash in exit_round_robin()

In the Linux kernel, the following vulnerability has been resolved: ACPI: PAD: fix crash in exitroundrobin The kernel occasionally crashes in cpumaskclearcpu, which is called within exitroundrobin, because when executing clearbitnr, addr with nr set to 0xffffffff, the address calculation may caus...

5.5CVSS6.5AI score0.00247EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2025/04/18 12:0 a.m.5 views

The vulnerability of the exit_round_robin() function in the ACPI kernel of Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the exitroundrobin function in ACPI components of Linux operating systems is related to the round-robin scheduling algorithm. Exploiting this vulnerability could allow an attacker to trigger a service failure...

5.5CVSS6.7AI score0.00247EPSS
Exploits0References17Affected Software9
SUSE CVE
SUSE CVE
added 2025/04/05 2:25 a.m.3 views

SUSE CVE-2025-21971

In the Linux kernel, the following vulnerability has been resolved: netsched: Prevent creation of classes with TCHROOT The function qdisctreereducebacklog uses TCHROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. However, if a class is created wi...

7.8CVSS7.7AI score0.00187EPSS
Exploits0References67
OSV
OSV
added 2025/02/18 3:15 p.m.14 views

AZL-58965 CVE-2025-21703 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdisc only if child qdisc becomes empty, therefore we need to reduce the backlog of the child qdisc before calling it. Otherwise it wou...

7.8CVSS6.2AI score0.0029EPSS
Exploits0References1
OSV
OSV
added 2025/02/18 3:15 p.m.0 views

DEBIAN-CVE-2025-21703

In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdisc only if child qdisc becomes empty, therefore we need to reduce the backlog of the child qdisc before calling it. Otherwise it wou...

7.8CVSS5.5AI score0.0029EPSS
Exploits0References1
OSV
OSV
added 2025/02/18 3:15 p.m.11 views

UBUNTU-CVE-2025-21703

In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdisc only if child qdisc becomes empty, therefore we need to reduce the backlog of the child qdisc before calling it. Otherwise it wou...

7.8CVSS6.1AI score0.0029EPSS
Exploits0References23
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ACPI: PAD: fixed a crash in exitroundrobin The kernel occasionally crashes in cpumaskclearcpu, which is called within exitroundrobin. This occurs when executing clearbitnr, addr with nr set to 0xffffffff. In such cases, the...

5.5CVSS6.4AI score0.00247EPSS
Exploits0References3
CVE
CVE
added 2025/01/22 2:32 p.m.55 views

CVE-2025-23812

CVE-2025-23812 : Reflected Cross-Site Scripting in the NotFound Contact Form 7 Round Robin Lead Distribution plugin. Affected: Contact Form 7 Round Robin Lead Distribution from n/a up to version 1.2.1. CVSS v3.1 base score 7.1 (HIGH). Attack vector: NETWORK; Impact: Confidentiality, Integrity, an...

7.1CVSS7.2AI score0.00289EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/22 2:29 p.m.4 views

CVE-2025-23784 WordPress Contact Form 7 Round Robin Lead Distribution Plugin <= 1.2.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in David Jeffrey Contact Form 7 Round Robin Lead Distribution contact-form-7-round-robin-lead-distribution allows SQL Injection.This issue affects Contact Form 7 Round Robin Lead Distribution: from n/...

7.6CVSS7.3AI score0.00437EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.12 views

WordPress plugin Contact Form 7 Round Robin Lead Distribution 跨站脚本漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugin...

7.1CVSS7.7AI score0.00289EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.2 views

WordPress plugin Contact Form 7 Round Robin Lead Distribution SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Contact Form 7 Round Robin Lead...

7.6CVSS8.7AI score0.00437EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/16 6:42 p.m.6 views

WordPress Contact Form 7 Round Robin Lead Distribution Plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Contact Form 7 Round Robin Lead Distribution versions = 1.2.1...

7.1CVSS6.1AI score0.00289EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/16 6:42 p.m.5 views

WordPress Contact Form 7 Round Robin Lead Distribution Plugin <= 1.2.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Contact Form 7 Round Robin Lead Distribution versions = 1.2.1...

7.6CVSS8.1AI score0.00437EPSS
Exploits0Affected Software1
Rows per page
Query Builder