Lucene search
K

111 matches found

Cvelist
Cvelist
added 2026/01/13 3:29 p.m.27 views

CVE-2025-68787 netrom: Fix memory leak in nr_sendmsg()

In the Linux kernel, the following vulnerability has been resolved: netrom: Fix memory leak in nrsendmsg syzbot reported a memory leak 1. When function sockallocsendskb return NULL in nroutput, the original skb is not freed, which was allocated in nrsendmsg. Fix this by freeing it before return. ...

0.00173EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/01/13 9:50 a.m.2 views

kernel: Linux kernel: SCTP use-after-free due to race condition in sendmsg

A flaw was found in the Linux kernel's SCTP implementation. This vulnerability allows a use-after-free read via a race condition during SCTP message sending...

7.8CVSS5.8AI score0.00187EPSS
Exploits0References5
OSV
OSV
added 2025/12/24 1:16 p.m.3 views

UBUNTU-CVE-2023-54112

In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcmsendmsg syzbot reported a memory leak like below: BUG: memory leak unreferenced object 0xffff88810b088c00 size 240: comm "syz-executor186", pid 5012, jiffies 4294943306 age 13.680s hex dum...

5.7AI score0.00177EPSS
Exploits0References10
CVE
CVE
added 2025/12/24 10:55 a.m.17 views

CVE-2022-50706

Technical details are not publicly available in the provided documents. Monitor for updates.

6.1AI score0.00173EPSS
Exploits0References6
EUVD
EUVD
added 2025/12/09 6:30 p.m.4 views

EUVD-2023-60171

In the Linux kernel, the following vulnerability has been resolved: kcm: Fix error handling for SOCKDGRAM in kcmsendmsg. syzkaller found a memory leak in kcmsendmsg, and commit c821a88bd720 "kcm: Fix memory leak in error path of kcmsendmsg" suppressed it by updating kcmtxmsghead-lastskb if partia...

5.7AI score0.00225EPSS
Exploits0References9
Snyk
Snyk
added 2025/12/09 5:23 p.m.2 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in external media URLs passed to sendMessageComponents and other methods that take input originating from MessagegetComponents. An attacker can trigger the application to download arbitrary external...

6.9CVSS6.9AI score
Exploits0References2
EUVD
EUVD
added 2025/11/10 3:31 p.m.7 views

EUVD-2025-44061

The sendmessage.php endpoint in SourceCodester Simple Public Chat Room 1.0 is vulnerable to Cross-Site Request Forgery CSRF. The application does not implement any CSRF-protection mechanisms such as tokens, nonces, or same-site cookie restrictions. An attacker can create a malicious HTML page tha...

6.3AI score0.00144EPSS
Exploits1References3
NVD
NVD
added 2025/11/10 3:15 p.m.14 views

CVE-2025-63710

The sendmessage.php endpoint in SourceCodester Simple Public Chat Room 1.0 is vulnerable to Cross-Site Request Forgery CSRF. The application does not implement any CSRF-protection mechanisms such as tokens, nonces, or same-site cookie restrictions. An attacker can create a malicious HTML page tha...

6.5CVSS0.00144EPSS
Exploits1References2
CVE
CVE
added 2025/11/10 12:0 a.m.13 views

CVE-2025-63710

The CVE-2025-63710 entry concerns SourceCodester Simple Public Chat Room 1.0. The send_message.php endpoint is vulnerable to Cross-Site Request Forgery (CSRF) because there are no CSRF protections (tokens, nonces, or same-site cookies). An attacker could lure an authenticated user to a malicious ...

6.5CVSS6.4AI score0.00144EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/10 12:0 a.m.7 views

PT-2025-46161

Name of the Vulnerable Software and Affected Versions SourceCodester Simple Public Chat Room version 1.0 Description The application lacks CSRF-protection mechanisms like tokens, nonces, or same-site cookie restrictions. An attacker can create a malicious HTML page that, when visited by an...

6.5AI score0.00144EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/11/10 12:0 a.m.9 views

CVE-2025-63710

The sendmessage.php endpoint in SourceCodester Simple Public Chat Room 1.0 is vulnerable to Cross-Site Request Forgery CSRF. The application does not implement any CSRF-protection mechanisms such as tokens, nonces, or same-site cookie restrictions. An attacker can create a malicious HTML page tha...

0.00144EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/11/10 12:0 a.m.5 views

CVE-2025-63710

The sendmessage.php endpoint in SourceCodester Simple Public Chat Room 1.0 is vulnerable to Cross-Site Request Forgery CSRF. The application does not implement any CSRF-protection mechanisms such as tokens, nonces, or same-site cookie restrictions. An attacker can create a malicious HTML page tha...

6.3AI score0.00144EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/11/10 12:0 a.m.4 views

SourceCodester Simple Public Chat Room 安全漏洞

SourceCodester Simple Public Chat Room is a simple public chat room in SourceCodester open source. A security vulnerability exists in SourceCodester Simple Public Chat Room version 1.0, which stems from the sendmessage.php endpoint that does not implement a CSRF protection mechanism, which could...

6.5CVSS6.6AI score0.00144EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988953)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988953 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in tcpbpfsendmsg while sk msg is full If tcpbpfsendmsg is running while...

5.5CVSS5.8AI score0.00253EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol. syzbot reported the issue below. 0 When atmtcpvopen or atmtcpvclose is called via connect or close, atmtcpsendcontrol is called to send a special message within the kerne...

7.8CVSS6.7AI score0.00157EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: atm: Revert atmaccounttx if copyfromiterfull fails. In vccsendmsg, we set sk-skwmemalloc based on account skb-truesize using atmaccounttx. This change is expected to be reverted by atmpopraw, which is called later in...

5.5CVSS6.1AI score0.00164EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/13 1:48 p.m.8 views

CVE-2025-39964 crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencie...

6.1AI score0.00232EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2025/10/13 1:48 p.m.6 views

CVE-2025-39964

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencie...

3.3CVSS5.6AI score0.00232EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/10/07 12:0 a.m.3 views

PT-2025-41041

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0 1 Description The Linux kernel contains a flaw in the bpf, sockmap subsystem related to repeated calls to sock put when a message has more data. Specifically, in the tcp bpf send verdict redirection, the ev...

7.1AI score0.00158EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2025/10/05 2:52 a.m.4 views

SUSE CVE-2025-39931

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Set merge to zero early in afalgsendmsg If an error causes afalgsendmsg to abort, ctx-merge may contain a garbage value from the previous loop. This may then trigger a crash on the next entry into afalgsendmsg whe...

5.5CVSS6.5AI score0.00137EPSS
Exploits0References22
Rows per page
Query Builder