CVE-2023-0904

A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file task-details.php. The manipulation of the argument taskid leads to sql injection. The attack may be initiated remotely. The exploi...

CVE-2023-43944

A Stored Cross Site Scripting XSS vulnerability was found in SourceCodester Task Management System 1.0. It allows attackers to execute arbitrary code via parameter field in index.php?page=projectlist...

CVE-2023-33968

Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to a missing access control vulnerability that allows a user with low privileges to create or transfer tasks to any project within the software, even if they have not...

CVE-2022-49039

Out-of-bounds write vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to execute arbitrary commands via unspecified vectors...

CVE-2021-43712

Stored XSS in Add New Employee Form in Sourcecodester Employee Daily Task Management System 1.0 Allows Remote Attacker to Inject/Store Arbitrary Code via the Name Field...

CVE-2021-38191

An issue was discovered in the tokio crate before 1.8.1 for Rust. Upon a JoinHandle::abort, a Task may be dropped in the wrong thread...

CVE-2018-17179

An issue was discovered in OpenEMR before 5.0.1 Patch 7. There is SQL Injection in the maketask function in /interface/forms/eyemag/php/taskmanfunctions.php via /interface/forms/eyemag/taskman.php...

AZL-70144 CVE-2025-37861 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID 0xFFFF, s...

CVE-2025-37861

The CVE 2025-37861 pertains to the Linux kernel SCSI MPI3MR driver where the TM thread could process reply queues while the reset thread reinitializes them, causing an access to an invalid queue ID (0xFFFF) and a crash. The fix adds a synchronization flag io_admin_reset_sync. Before a reset, the ...

Deserialization Of Untrusted Data

com.aizuda, snail-job is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to improper input validation of the nodeExpression argument in the getRuntime function of the Workflow-Task Management Module, allowing an attacker to execute arbitrary code remotely...

CVE-2023-53025

...

CVE-2023-53025

...

GHSA-4M5H-5V4Q-4XGQ aizuda snail-job Vulnerable to Deserialization via `nodeExpression` Argument

A vulnerability was found in aizuda snail-job 1.4.0. It has been classified as critical. Affected is the function getRuntime of the file /snail-job/workflow/check-node-expression of the component Workflow-Task Management Module. The manipulation of the argument nodeExpression leads to...

CVE-2025-2622 aizuda snail-job Workflow-Task Management Module check-node-expression getRuntime deserialization

A vulnerability was found in aizuda snail-job 1.4.0. It has been classified as critical. Affected is the function getRuntime of the file /snail-job/workflow/check-node-expression of the component Workflow-Task Management Module. The manipulation of the argument nodeExpression leads to...

CVE-2025-2622 aizuda snail-job Workflow-Task Management Module check-node-expression getRuntime deserialization

A vulnerability was found in aizuda snail-job 1.4.0. It has been classified as critical. Affected is the function getRuntime of the file /snail-job/workflow/check-node-expression of the component Workflow-Task Management Module. The manipulation of the argument nodeExpression leads to...

Linux Distros Unpatched Vulnerability : CVE-2022-49179

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oombfqq Our test report a UAF: 2073.019181...

CVE-2022-49647 cgroup: Use separate src/dst nodes when preloading css_sets for migration

In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading csssets for migration Each cset cssset is pinned by its tasks. When we're moving tasks around across csets for a migration, we need to hold the source and destination csets to...

CVE-2022-49120 scsi: pm8001: Fix task leak in pm8001_send_abort_all()

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix task leak in pm8001sendabortall In pm8001sendabortall, make sure to free the allocated sas task if pm8001tagalloc or pm8001mpibuildcmd fail...

The vulnerability of the task and project management service WEEEK lies in the lack of measures taken to protect the website structure, allowing a perpetrator to execute arbitrary JavaScript code.

The vulnerability of the WEEEK task and project management service is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a remote attacker to execute arbitrary JavaScript code...

CVE-2025-0846

A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/AdminLogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The...