15 matches found
Astra Linux - vulnerability in linux-5.10, linux
Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...
CloudCharge code issue vulnerability
CloudCharge is a website for electric vehicle charging management developed by the Swedish company CloudCharge. CloudCharge has code-related vulnerabilities; these vulnerabilities stem from the WebSocket backend, which uses charging station identifiers to associate sessions. However, multiple...
EUVD-2022-43593
Malicious code in bioql PyPI...
EUVD-2023-37447
Malicious code in bioql PyPI...
GHSA-WC36-9694-F9RF vulnerabilities
Vulnerabilities for packages: tritonserver-backend-vllm...
GHSA-5VQR-WPRC-CPP7 vulnerabilities
Vulnerabilities for packages: tritonserver-backend-vllm...
GHSA-W2R7-9579-27HF vulnerabilities
Vulnerabilities for packages: tritonserver-backend-vllm...
PT-2022-28190 · Varnish · Varnish Cache
Name of the Vulnerable Software and Affected Versions: Varnish Cache versions prior to 6.0.11 Description: A request forgery attack can be performed on Varnish Cache servers with the HTTP/2 protocol enabled. An attacker may introduce invalid characters through HTTP/2 pseudo-headers, causing the...
SUSE-SU-2022:4007-1 Security update for xen
This update for xen fixes the following issues: - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing bsc1203806. - CVE-2022-33748: Fixed DoS due to race in locking bsc1203807. - CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316,...
SUSE-SU-2022:3971-1 Security update for xen
This update for xen fixes the following issues: - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing bsc1203806. - CVE-2022-33748: Fixed DoS due to race in locking bsc1203807. - CVE-2021-28689: Fixed speculative vulnerabilities with bare non-shim 32-bit PV guests bsc1185104. -...
CVE-2022-23041
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
CVE-2022-23038
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
Multiple SQL Injection Vulnerabilities in Ocean CMS V6.48 Backend
Ocean Movie System, also known as Ocean CMS (seacms), is a PHP movie system. SQL injection vulnerabilities exist in the Ocean CMS V6.48 backend: in backend user search, in the id parameter of the backend user edit page admin\adminmembers.php, in the $id parameter of the backend page admin\adminmembersgroup.php, and in $vfield of the page admin\admindatarelate.php. The...
Design flaws in the backend of Zendo project management software of Qingdao Easoft Tianchuang Network Technology Co.
Zendo is free, open source project management software. The backend of the Zendo project management software from Qingdao Easoft Tianchuang Network Technology Co., Ltd has design flaws that allow attackers to use the background SQL query function to write a webshell and gain server privileges...
SilverStripe 2.4.5 Cross Site Scripting
Advisory: SilverStripe 2.4.5 Multiple backend Cross-site scripting vulnerabilities Advisory ID: SSCHADV2011-024 Author: Stefan Schurtz Affected Software: Successfully tested on SilverStripe 2.4.5 Vendor URL: http://www.silverstripe.com/ Vendor Status: informed CVE-ID: - ==========================...