6753 matches found
CVE-2025-40079 riscv, bpf: Sign extend struct ops return values properly
In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Sign extend struct ops return values properly The nsbpfqdisc selftest triggers a kernel panic: Unable to handle kernel paging request at virtual address ffffffffa38dbf58 Current testprogs pgtable: 4K pagesize, 57-bit...
CVE-2025-40041
CVE-2025-40041 describes a LoongArch-specific Linux kernel fix for BPF: sign-extension of struct ops return values (instead of treating the pointer as a 32-bit value). The issue caused a kernel panic during the ns_bpf_qdisc selftest due to sign-extension being incorrect for LoongArch ABI. Public ...
EUVD-2025-36487
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign-extend struct ops return values properly The nsbpfqdisc selftest triggers a kernel panic: Oops1: CPU 0 Unable to handle kernel paging request at virtual address 0000000000741d58, era == 90000000851b5ac0, ra =...
CVE-2025-40041 LoongArch: BPF: Sign-extend struct ops return values properly
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign-extend struct ops return values properly The nsbpfqdisc selftest triggers a kernel panic: Oops1: CPU 0 Unable to handle kernel paging request at virtual address 0000000000741d58, era == 90000000851b5ac0, ra =...
CVE-2025-40041
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign-extend struct ops return values properly The nsbpfqdisc selftest triggers a kernel panic: Oops1: CPU 0 Unable to handle kernel paging request at virtual address 0000000000741d58, era == 90000000851b5ac0, ra =...
CVE-2025-40041 LoongArch: BPF: Sign-extend struct ops return values properly
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign-extend struct ops return values properly The nsbpfqdisc selftest triggers a kernel panic: Oops1: CPU 0 Unable to handle kernel paging request at virtual address 0000000000741d58, era == 90000000851b5ac0, ra =...
Timing Attack
com.ongres.scram:scram-common is vulnerable to Timing Attack. The vulnerability is due to the use of Arrays.equals for comparing sensitive authentication values, which performs short-circuit evaluations and causes variable execution times, allowing an attacker to exploit timing differences to inf...
CVE-2025-12249
A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. The impacted element is an unknown function of the component Edit Ticket Page. Performing manipulation of the argument Title results in csv injection. It is possible to initiate the attack remotely. The exploit is now...
CVE-2025-12249 Axosoft Scrum and Bug Tracking Edit Ticket csv injection
A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. The impacted element is an unknown function of the component Edit Ticket Page. Performing manipulation of the argument Title results in csv injection. It is possible to initiate the attack remotely. The exploit is now...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Handling of Values (CVE-2024-46783)
In the Linux kernel, the following vulnerability has been resolved: tcpbpf: fix return value of tcpbpfsendmsg. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...
[SECURITY] [DLA 4349-1] request-tracker4 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4349-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 26, 2025 https://wiki.debian.org/LTS -...
CVE-2025-11576 AI Chatbot Free Models – Customer Support, Live Chat, Virtual Assistant <= 1.6.5 - Unauthenticated CSV Injection
The AI Chatbot Free Models – Customer Support, Live Chat, Virtual Assistant plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.6.5. This is due to insufficient sanitization in the 'newcodebytechatbotexportmessages' function. This makes it possible for...
CVE-2025-60852
A CSV Injection vulnerability existed in Instant Developer Foundation versions prior to 25.0.9600. Applications built with affected versions of the framework did not properly sanitize user-controlled input before including it in CSV exports. This issue could lead to code execution on the system...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the improper use of boolean values in the afalgctx structure, which could lead to data conversion errors...
PT-2025-43615
Name of the Vulnerable Software and Affected Versions AI Chatbot Free Models plugin for WordPress versions up to and including 1.6.5 Description The AI Chatbot Free Models plugin for WordPress is susceptible to CSV Injection due to inadequate input sanitization within the newcodebyte chatbot expo...
FreeBSD : RT -- CSV injection (b374df95-afa8-11f0-b4c8-792b26d8a051)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b374df95-afa8-11f0-b4c8-792b26d8a051 advisory. Gareth Watkin-Jones from 4armed reports: RT is vulnerable to CSV injection via ticket values with speci...
EUVD-2025-35683
A CSV Injection vulnerability existed in Instant Developer Foundation versions prior to 25.0.9600. Applications built with affected versions of the framework did not properly sanitize user-controlled input before including it in CSV exports. This issue could lead to code execution on the system...
CVE-2025-60852
A CSV Injection vulnerability existed in Instant Developer Foundation versions prior to 25.0.9600. Applications built with affected versions of the framework did not properly sanitize user-controlled input before including it in CSV exports. This issue could lead to code execution on the system...
CVE-2025-60852
A CSV Injection vulnerability existed in Instant Developer Foundation versions prior to 25.0.9600. Applications built with affected versions of the framework did not properly sanitize user-controlled input before including it in CSV exports. This issue could lead to code execution on the system...
RT -- CSV injection
Gareth Watkin-Jones from 4armed reports: RT is vulnerable to CSV injection via ticket values with special characters that are exported to a TSV from search results. Thanks to Gareth Watkin-Jones from 4armed for reporting this finding...