203 matches found
RHEL 10 : kernel (RHSA-2025:16904)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:16904 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: fs: export...
fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass
...
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2025-097)
The version of kernel installed on the remote host is prior to 5.10.238-234.956. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-097 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix -anonvma race...
Linux Distros Unpatched Vulnerability : CVE-2025-21907
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm: memory-failure: update ttu flag inside unmappoisonedfolio Patch series mm: memoryfailure: unmap poisoned folio during migrate properly, v3. Fix two bugs...
Linux Distros Unpatched Vulnerability : CVE-2024-40950
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm: hugememory: fix misused mappinglargefoliosupport for anon folios When I did a large foli...
Linux Distros Unpatched Vulnerability : CVE-2025-38396
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fs: export anoninodemakesecureinode and fix secretmem LSM bypass Export...
SUSE CVE-2025-38396
In the Linux kernel, the following vulnerability has been resolved: fs: export anoninodemakesecureinode and fix secretmem LSM bypass Export anoninodemakesecureinode to allow KVM guestmemfd to create anonymous inodes with proper security context. This replaces the current pattern of calling...
AZL-65726 CVE-2025-38396 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: fs: export anoninodemakesecureinode and fix secretmem LSM bypass Export anoninodemakesecureinode to allow KVM guestmemfd to create anonymous inodes with proper security context. This replaces the current pattern of calling...
UBUNTU-CVE-2025-38396
In the Linux kernel, the following vulnerability has been resolved: fs: export anoninodemakesecureinode and fix secretmem LSM bypass Export anoninodemakesecureinode to allow KVM guestmemfd to create anonymous inodes with proper security context. This replaces the current pattern of calling...
CVE-2025-38396 fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass
In the Linux kernel, the following vulnerability has been resolved: fs: export anoninodemakesecureinode and fix secretmem LSM bypass Export anoninodemakesecureinode to allow KVM guestmemfd to create anonymous inodes with proper security context. This replaces the current pattern of calling...
SUSE CVE-2025-38207
In the Linux kernel, the following vulnerability has been resolved: mm: fix uprobe pte be overwritten when expanding vma Patch series "Fix uprobe pte be overwritten when expanding vma". This patch of 4: We encountered a BUG alert triggered by Syzkaller as follows: BUG: Bad rss-counter state...
CVE-2025-52733
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anonform Ab ANON::form embedded secure form anonform-embedded-secure-form allows DOM-Based XSS.This issue affects ANON::form embedded secure form: from n/a through = 1.7...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITESAME No Data Buffer crash In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like...
CVE-2025-52733 WordPress ANON::form embedded secure form plugin <= 1.7 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anonform Ab ANON::form embedded secure form allows DOM-Based XSS. This issue affects ANON::form embedded secure form: from n/a through 1.7...
CVE-2025-52733 WordPress ANON::form embedded secure form plugin <= 1.7 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anonform Ab ANON::form embedded secure form anonform-embedded-secure-form allows DOM-Based XSS.This issue affects ANON::form embedded secure form: from n/a through = 1.7...
PT-2025-26410 · Unknown · Anon::Form
Name of the Vulnerable Software and Affected Versions: ANON::form embedded secure form versions 1.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for DOM-Based XSS in the ANON::form...
WordPress plugin ANON::form embedded secure form 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress ANON::form embedded secure form plugin that stems from the application's lack of effective filtering and escaping of...
GHSA-PR59-JJR4-GCF6 anon-vec lacks sufficient checks in public API
The following functions in the anon-vec crate are unsound due to insufficient checks on their arguments:: - AnonVec::getref - AnonVec::getmut - AnonVec::removeget The crate was built as a learning project and is not being maintained...
anon-vec lacks sufficient checks in public API
The following functions in the anon-vec crate are unsound due to insufficient checks on their arguments:: - AnonVec::getref - AnonVec::getmut - AnonVec::removeget The crate was built as a learning project and is not being maintained...
PT-2025-25491 · Crates.Io · Anon-Vec
The following functions in the anon-vec crate are unsound due to insufficient checks on their arguments:: - AnonVec::get ref - AnonVec::get mut - AnonVec::remove get The crate was built as a learning project and is not being maintained...