CVE-2024-23353
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI...
DEBIAN-CVE-2025-21683
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpf_sk_select_reuseport memory leak. As pointed out in the original comment, lookup in sockmap can return a TCP ESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF set before it was ESTABLISHED. In other...
Cross-site Scripting (XSS)
Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the attach component of the content edition feature, which allows users to attach files or media to a page. Details: Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects”...
YesWiki Cross-Site Scripting Vulnerability
YesWiki is a wiki system written in PHP by the French organization YesWiki. It is used to create and manage websites in a collaborative way. A cross-site scripting vulnerability exists in YesWiki 4.4.5 and earlier versions, which stems from improper input validation when the attach component...
PT-2025-5262 · Yeswiki · Yeswiki
Name of the Vulnerable Software and Affected Versions: YesWiki versions up to and including 4.4.5. Description: The vulnerability allows an authenticated user with rights to edit or create a page or comment to trigger a stored XSS attack, which can be reflected on any page where the resource is...
WordPress Attach Gallery Posts plugin <= 1.6 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting (XSS) vulnerability discovered by Le Ngoc Anh in WordPress Plugin Attach Gallery Posts versions <= 1.6...
AZL-55831 CVE-2024-57887 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: drm: adv7511: Fix use-after-free in adv7533_attach_dsi. The host_node pointer was assigned and freed in adv7533_parse_dt, and later, adv7533_attach_dsi uses the same. Fix this use-after-free issue by dropping of_node_put in adv7533_parse_dt...
AZL-56121 CVE-2024-47809 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkb_resource null dereference. This patch fixes a possible null pointer dereference when this function is called from request_lock as lkb->lkb_resource is not assigned yet, only after validate_lock_args by calling...
AZL-56166 CVE-2024-47809 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkb_resource null dereference. This patch fixes a possible null pointer dereference when this function is called from request_lock as lkb->lkb_resource is not assigned yet, only after validate_lock_args by calling...
CVE-2024-47809 dlm: fix possible lkb_resource null dereference
In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkb_resource null dereference. This patch fixes a possible null pointer dereference when this function is called from request_lock as lkb->lkb_resource is not assigned yet, only after validate_lock_args by calling...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from the use of the uninitialized local variable rb as a read buffer in the dvb-frontends/dib3000mb driver of t...
PT-2025-30824
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A memory leak exists within the remoteproc subsystem of the Linux kernel. Specifically, when attempting to attach to a remote processor using rproc_attach, if rproc_handle_resources fail...
PT-2025-30823
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A memory leak exists in the Linux kernel's remoteproc core component. Specifically, when attaching to a remote processor via rproc_attach, if rproc_handle_resources fails, the clean tabl...
CVE-2024-53172
CVE-2024-53172 (Linux kernel, UBI fastmap): The issue arises in the fast attaching path where alloc_ai() could be invoked twice with the same slab cache name 'ubi_aeb_slab_cache', triggering a kernel WARNING "kmem_cache_create_args". The root cause is duplicate slab cache names during fastmap at...
PT-2025-3612
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.74. Description: A use-after-free issue was found in the Linux kernel, specifically in the adv7533_attach_dsi function. The host node pointer was assigned and freed in adv7533_parse_dt, and later used in adv753...
kernel: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE
In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE. bpf_prog_attach uses attach_type_to_prog_type to enforce proper attach type for BPF_PROG_TYPE_CGROUP_SKB. link_create uses bpf_prog_get and relies on...
RockyLinux 8 : kernel-rt:4.18.0 (RLSA-2024:10282)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:10282 advisory. kernel: media: edia: dvbdev: fix a use-after-free (CVE-2024-27043); kernel: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE...
kernel: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE
In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE. bpf_prog_attach uses attach_type_to_prog_type to enforce proper attach type for BPF_PROG_TYPE_CGROUP_SKB. link_create uses bpf_prog_get and relies on...
kernel: bpf: Fix use-after-free in bpf_uprobe_multi_link_attach()
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in bpf_uprobe_multi_link_attach. If bpf_link_prime fails, bpf_uprobe_multi_link_attach goes to the error_free label and frees the array of bpf_uprobe's without calling bpf_uprobe_unregister. This leaks bpf_uprobe->uprobe a...
RHEL 9 : kernel (RHSA-2024:10945)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10945 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach...