22 matches found
UBUNTU-CVE-2025-4011
A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to...
PT-2025-13833
Name of the Vulnerable Software and Affected Versions Open Asset Import Library Assimp version 5.4.3 Description A critical issue has been found in the ASE File Handler component of the Open Asset Import Library Assimp. This issue affects the Assimp::ASEImporter::BuildUniqueRepresentation functio...
PT-2023-8580 · Squid +10 · Squid +11
Name of the Vulnerable Software and Affected Versions: Squid versions prior to 6.0.1 Description: The issue is related to a NULL pointer dereference bug in Squid's Gopher gateway, making it vulnerable to a Denial of Service attack. The gopher protocol is always available and enabled in Squid prio...
Access Restriction Bypass
Overview Microsoft.AspNetCore.App.Runtime.linux-musl-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Access Restriction Bypass. A vulnerability exist...
PT-2023-33773 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue is related to a potential double free in the RDMA/rxe module. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior t...
PT-2023-33524 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.18 Description: The issue is related to the ext4 file system in the Linux Kernel. A warning is silenced when evicting an inode with dioread nolock. The actual impact and attack plausibility have not yet bee...
PT-2023-33157 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.12 Description: The issue is related to a server-active leak in the afs put server function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...
PT-2022-35108 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0 Description: The issue is related to sleep in atomic context bugs caused by dev coredump. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior...
PT-2022-35123 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue concerns a send buffer overflow in NFSv2 READDIR. It was introduced in version v5.16 and is fixed in Linux Kernel version v6.0.3. The actual impact and attack plausibility have not...
PT-2022-35103 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to handling the error returned from sctp auth asoc init active key. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
PT-2022-35009 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0 Description: A potential issue exists in the snd hda codec shutdown function, which may cause a page fault. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
PT-2022-35189 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.1 Description: A bug has been identified in the nilfs mdt destroy function, potentially leading to a use-after-free UAF or general protection fault GPF issue. The actual impact and attack plausibility have...
PT-2022-35124 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to a crafted negative i size in erofs, which may cause a warning due to an order greater than or equal to MAX ORDER. The actual impact and attack plausibility have not ye...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64 to version 6.0.3 or higher. References - Dotnet Announcement - Dotne...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x86 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet Issue - Microsof...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.ios-arm to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet Issue -...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x64 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-arm64 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet Issue -...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.osx-x64 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet Issue - Microsof...