117 matches found
JetBrains YouTrack 安全漏洞
JetBrains YouTrack is a browser-based error tracking and project management software developed by Czech company JetBrains. This software features error tracking, the ability to create workflows, and monitoring of project progress. Versions of JetBrains YouTrack prior to 2026.1.13162 contained...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: A leak in mapuserpages was fixed. If getuserpagesfast allocates some pages, but not as many as we wanted, then the current code causes those pages to be leaked. Call putpage on the pages before returning...
Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: VMCI: fixed a race condition between vmcihostsetupnotify and vmcictxunsetnotify. During our testing, it was found that a warning can occur in trygrabfolio. The detailed error message is as follows: ----------- Cut here ----------...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat the remaining value of == 0 as an error in findandmapuserpages. Currently, if findandmapuserpages receives a DMA transfer request from the user with a length field set to 0, or in a rare case, when the host...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix NULL page-mapping dereference in pageissecretmem Check for a NULL page-mapping before dereferencing the mapping in pageissecretmem, as the page’s mapping can be nullified while gup is running, e.g., by reclaimin...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: fixed the error exit of privcmdioctldmop. The error exit of privcmdioctldmop calls unlockpages, potentially with pages being NULL, leading to a NULL dereference. Additionally, lockpages does not check whether...
CVE-2026-31437 netfs: Fix NULL pointer dereference in netfs_unbuffered_write() on retry
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix NULL pointer dereference in netfsunbufferedwrite on retry When a write subrequest is marked NETFSSREQNEEDRETRY, the retry path in netfsunbufferedwrite unconditionally calls stream-preparewrite without checking if it is...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013435)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013435 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix NULL page-mapping dereference in pageissecretmem Check for a NULL page-mapping...
PT-2026-31318
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.4.0, the blacklist ban note parameter in UserController::ajax blackList post is stored in the database without sanitization and rendered into...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006656)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006656 advisory. In the Linux kernel, the following vulnerability has been resolved: VMCI: check context-notifypage after call to getuserpagesfast to avoid GPF The call to...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38102)
"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38102 advisory. - In the Linux kernel, the following vulnerability has been resolved: VMCI: fix race between...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000545)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000545 advisory. The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmdmkdirty in the touchpmd function inside the THP implementation. touchpmd can be reached by...
CVE-2023-25968
Cross-Site Request Forgery CSRF vulnerability in Cozmoslabs, Madalin Ungureanu, Antohe Cristian Client Portal – Private user pages and login plugin = 1.1.8 versions...
SUSE CVE-2023-54239
In the Linux kernel, the following vulnerability has been resolved: iommufd: Check for uptr overflow syzkaller found that setting up a map with a user VA that wraps past zero can trigger WARNONs, particularly from pinuserpages weirdly returning 0 due to invalid arguments. Prevent creating a pages...
Linux Distros Unpatched Vulnerability : CVE-2023-53778
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move...
CVE-2023-53778
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
SUSE CVE-2023-53778
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
EUVD-2023-60128
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
DEBIAN-CVE-2023-53778
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
UBUNTU-CVE-2023-53778
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...