CVE-2025-39792

CVE-2025-39792 concerns the Linux kernel, where zoned DM targets (dm-crypt and dm-flakey) could previously encounter unsafe BIO splitting when handling zone append emulation. The advisory states that dm_accept_partial_bio() must not split writes passed to the map() function and that large BIOs mu...

DEBIAN-CVE-2025-39791

In the Linux kernel, the following vulnerability has been resolved: dm: dm-crypt: Do not partially accept write BIOs with zoned targets Read and write operations issued to a dm-crypt target may be split according to the dm-crypt internal limits defined by the maxreadsize and maxwritesize module...

PT-2025-37248

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the dm-crypt module related to handling write operations on zoned storage devices. Specifically, the issue arises from the splitting of BIOs blo...

Linux Distros Unpatched Vulnerability : CVE-2012-5128

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, does not properly perform write operations, which allows remote attackers to cause a...

DEBIAN-CVE-2025-38111

In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of parameters passed ...

UBUNTU-CVE-2025-38111

In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of parameters passed ...

CVE-2021-36169

A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows attacker to Execute unauthorized code or commands via specific hex read/write operations...

CVE-2019-14413

cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets SEC-476...

CVE-2018-20882

cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change SEC-447...

CVE-2013-5550

The fabric-interconnect component in Cisco Unified Computing System UCS allows local users to cause a denial of service via crafted command parameters that trigger hardware-component write operations, aka Bug ID CSCtq86549...

CVE-2025-37806

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Keep write operations atomic syzbot reported a NULL pointer dereference in genericfilewriteiter. 1 Before the write operation is completed, the user executes ioctl2 to clear the compress flag of the file, which causes t...

CVE-2025-37806 fs/ntfs3: Keep write operations atomic

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Keep write operations atomic syzbot reported a NULL pointer dereference in genericfilewriteiter. 1 Before the write operation is completed, the user executes ioctl2 to clear the compress flag of the file, which causes t...

CVE-2025-37806

CVE-2025-37806 affects Linux kernel fs/ntfs3 write path. A NULL pointer dereference can occur in __generic_file_write_iter when an ioctl clears the file’s compress flag during a write, causing is_compressed() to return 0 and the code to call the wrong AOP, leading to a null dereference in write_b...

CVE-2024-50631

Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via...

CVE-2024-50631

CVE-2024-50631 affects Synology Drive Server; the system syncing daemon is vulnerable to SQL injection due to improper neutralization of special elements in SQL commands. Versions affected include before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102. The vulnerability can allow remote att...

CVE-2024-50631

Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via...

CVE-2024-1654

This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit this...

Imagination GPU Driver 安全漏洞

Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in Imagination GPU Driver. An attacker exploiting this vulnerability could perform incorrect read and write operations...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the netfs module not properly handling cache operations on writes. This could result in a system hang or a faile...

CVE-2024-57927

In the Linux kernel, the following vulnerability has been resolved: nfs: Fix oops in nfsnetfsinitrequest when copying to cache When netfslib wants to copy some data that has just been read on behalf of nfs, it creates a new write request and calls nfsnetfsinitrequest to initialise it, but with a...