119 matches found
CVE-2021-47247
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent encap entry...
CVE-2021-47247
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent encap entry...
CVE-2021-47247
CVE-2021-47247 is a Linux kernel use-after-free in the mlx5e_encap_take path during neigh update, caused by improper handling when encap entries are concurrently inserted/deleted after rtnetlink lock changes. The issue is documented in upstream kernel notes and is listed in Debian’s DLA-4178-1 ad...
CVE-2021-47247 net/mlx5e: Fix use-after-free of encap entry in neigh update handler
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent encap entry...
CVE-2021-47247 net/mlx5e: Fix use-after-free of encap entry in neigh update handler
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent encap entry...
CVE-2021-47247
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent encap entry...
PT-2024-12762 · Ibm · Ibm Cognos Controller
Name of the Vulnerable Software and Affected Versions: IBM Cognos Controller versions 10.4.1 through 11.0.0 Description: The issue allows a remote attacker to send specially crafted SQL statements, which could enable the attacker to view, add, modify, or delete information in the back-end databas...
CVE-2024-34047
O-RAN RIC I-Release e2mgr lacks array size checks in RicServiceUpdateHandler...
PT-2024-25664 · O Ran · O-Ran Ric I-Release E2Mgr
Name of the Vulnerable Software and Affected Versions: O-RAN RIC I-Release e2mgr affected versions not specified Description: The issue is related to a lack of array size checks in the RicServiceUpdateHandler of the O-RAN RIC I-Release e2mgr. Recommendations: At the moment, there is no informatio...
CVE-2024-1707
A vulnerability, which was classified as problematic, was found in GARO WALLBOX GLB+ T2EV7 0.5. This affects an unknown part of the file /index.jspsettings of the component Software Update Handler. The manipulation of the argument Reference leads to cross site scripting. It is possible to initiat...
CVE-2024-1707 GARO WALLBOX GLB+ T2EV7 Software Update index.jsp#settings cross site scripting
A vulnerability, which was classified as problematic, was found in GARO WALLBOX GLB+ T2EV7 0.5. This affects an unknown part of the file /index.jspsettings of the component Software Update Handler. The manipulation of the argument Reference leads to cross site scripting. It is possible to initiat...
CVE-2023-3505
A vulnerability was found in Onest CRM 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/project/update/2 of the component Project List Handler. The manipulation of the argument name with the input alert1 leads to cross site scripting. It is possible to...
CVE-2023-1909
A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file profile.php of the component User Profile Update Handler. The manipulation of the argument name/mobno leads to sql injection. It is possible ...
CVE-2023-1909
A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file profile.php of the component User Profile Update Handler. The manipulation of the argument name/mobno leads to sql injection. It is possible ...
Sql injection
A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file profile.php of the component User Profile Update Handler. The manipulation of the argument name/mobno leads to sql injection. It is possible ...
CVE-2023-1442
A vulnerability was found in Meizhou Qingyunke QYKCMS 4.3.0. It has been classified as problematic. This affects an unknown part of the file /adminsystem/api.php of the component Update Handler. The manipulation of the argument downurl leads to unrestricted upload. It is possible to initiate the...
Design/Logic Flaw
A vulnerability was found in Meizhou Qingyunke QYKCMS 4.3.0. It has been classified as problematic. This affects an unknown part of the file /adminsystem/api.php of the component Update Handler. The manipulation of the argument downurl leads to unrestricted upload. It is possible to initiate the...
CVE-2023-1442 Meizhou Qingyunke QYKCMS Update api.php unrestricted upload
A vulnerability was found in Meizhou Qingyunke QYKCMS 4.3.0. It has been classified as problematic. This affects an unknown part of the file /adminsystem/api.php of the component Update Handler. The manipulation of the argument downurl leads to unrestricted upload. It is possible to initiate the...
PT-2023-16986 · Meizhou Qingyunke · Qykcms
Name of the Vulnerable Software and Affected Versions: Meizhou Qingyunke QYKCMS version 4.3.0 Description: A vulnerability was found in the Update Handler component of Meizhou Qingyunke QYKCMS, affecting an unknown part of the file /admin system/api.php. The manipulation of the downurl argument...
CVE-2023-1277
A vulnerability, which was classified as critical, was found in kylin-system-updater up to 1.4.20kord on Ubuntu Kylin. Affected is the function InstallSnap of the component Update Handler. The manipulation leads to command injection. The attack needs to be approached locally. The exploit has been...