17 matches found

RedhatCVE
added last week · 6 views

CVE-2026-7888

Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the Workflow, Form block, and File/Set components that lack the allowed_classes restriction. An unauthenticated attacker may trigger arbitrary PHP object instantiation if a malicious serialized payload has been...

CVSS 8.4 · AI score 5.6 · EPSS 0.00035
Exploits 0 · References 1
EUVD
added 2026/06/03 6:10 p.m. · 8 views

EUVD-2026-34164

Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the Workflow, Form block, and File/Set components that lack the allowed_classes restriction. An unauthenticated attacker may trigger arbitrary PHP object instantiation if a malicious serialized payload has been...

CVSS 8.4 · AI score 5.9 · EPSS 0.00035
Exploits 0 · References 1
ATTACKERKB
added 2026/06/03 6:10 p.m. · 5 views

CVE-2026-7888

Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the Workflow, Form block, and File/Set components that lack the allowed_classes restriction. An unauthenticated attacker may trigger arbitrary PHP object instantiation if a malicious serialized payload has been...

CVSS 8.4 · AI score 5.9 · EPSS 0.00035
Exploits 0 · References 2 · Affected Software 1
Vulnrichment
added 2026/06/03 6:10 p.m. · 7 views

CVE-2026-7888 Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the Workflow, Form block, and File/Set components that lack the allowed_classes restriction.

Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the Workflow, Form block, and File/Set components that lack the allowed_classes restriction. An unauthenticated attacker may trigger arbitrary PHP object instantiation if a malicious serialized payload has been...

CVSS 8.4 · AI score 5.9 · EPSS 0.00035
Exploits 0 · References 1
Positive Technologies
added 2026/06/03 12:0 a.m. · 7 views

PT-2026-46047

Name of the Vulnerable Software and Affected Versions: Concrete CMS versions prior to 9.5.2 Description: PHP Object Injection occurs due to the use of unserialize() calls within the Workflow, Form block, and File/Set components that do not implement the allowed classes restriction. This allows an...

CVSS 8.4 · AI score 5.9 · EPSS 0.00035
Exploits 0 · References 3
EUVD
added 2026/04/21 4:22 p.m. · 1 view

EUVD-2026-24161

Twenty is an open source CRM. Prior to 1.20.6, a Stored Cross-Site Scripting (XSS) vulnerability exists in the BlockNote editor component. Due to a lack of protocol validation in the FileBlock component and insufficient server-side inspection of block content, an attacker can inject a javascript: U...

CVSS 5.7 · AI score 6.1 · EPSS 0.00043
Exploits 0 · References 2
CNNVD
added 2025/03/27 12:0 a.m. · 1 view

Linux kernel resource management error vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel, which stems from the block bfq component potentially accessing a freed bfqq in the bic_set_bfqq function...

CVSS 7.8 · AI score 5.5 · EPSS 0.00027
Exploits 0 · References 6
BDU FSTEC
added 2025/03/27 12:0 a.m. · 2 views

The vulnerability of the block component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the blk_add_partition function in the block component of the Linux operating system’s kernel is related to the assignment of a NULL pointer. Exploiting this vulnerability could allow an attacker to trigger a service failure...

CVSS 5.5 · AI score 6.7 · EPSS 0.00013
Exploits 0 · References 17 · Affected Software 11
BDU FSTEC
added 2025/02/18 12:0 a.m. · 2 views

The vulnerability of the block component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the block component in the Linux operating system’s kernel is related to the lack of memory release after the effective service life in the bio_integrity_prep function. Exploiting this vulnerability can allow a hacker to cause a service failure...

CVSS 5.5 · AI score 6.5 · EPSS 0.00021
Exploits 0 · References 48 · Affected Software 7
BDU FSTEC
added 2025/02/12 12:0 a.m. · 2 views

The vulnerability of the block component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the block component in the Linux operating system’s kernel is related to improper blocking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 · AI score 6.4 · EPSS 0.00007
Exploits 0 · References 18 · Affected Software 5
BDU FSTEC
added 2025/01/29 12:0 a.m. · 2 views

The vulnerabilities of the functions blkFlushCompleteSeq() and flushEndIo() in the block component (block/blk-flush.c) of the Linux operating system allow a hacker to trigger a service failure.

The vulnerabilities of the functions blkFlushCompleteSeq and flushEndIo in the block component (block/blk-flush.c) of the Linux kernel are related to improper initialization. Exploiting these vulnerabilities can allow an attacker to cause a service failure...

CVSS 5.5 · AI score 6.6 · EPSS 0.00018
Exploits 0 · References 22 · Affected Software 6
BDU FSTEC
added 2024/12/25 12:0 a.m. · 1 view

The vulnerability of the block component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the block component in the Linux operating system’s kernel is related to errors in resource management in the blkdev_iomap_begin function. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 · AI score 6.3 · EPSS 0.00033
Exploits 0 · References 20 · Affected Software 4
BDU FSTEC
added 2024/12/11 12:0 a.m. · 1 view

The vulnerability of the block component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the block component in the Linux operating system’s kernel is related to the use of an uninitialized resource. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 · AI score 6.4 · EPSS 0.00047
Exploits 0 · References 12 · Affected Software 6
BDU FSTEC
added 2024/11/19 12:0 a.m. · 2 views

The vulnerability of the block component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the block component in the Linux operating system’s kernel is related to the lack of a check for division by zero in the function blk_rq_stat_init. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 · AI score 6.4 · EPSS 0.00015
Exploits 0 · References 45 · Affected Software 7
CNNVD
added 2024/08/17 12:0 a.m. · 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a deadlock issue in the block component when handling sd_remove and sd_release...

CVSS 5.5 · AI score 6.6 · EPSS 0.00007
Exploits 0 · References 5
CNNVD
added 2024/07/12 12:0 a.m. · 3 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with the block component when handling request queue lists...

CVSS 5.5 · AI score 8.7 · EPSS 0.00018
Exploits 0 · References 5
Positive Technologies
added 2024/04/10 12:0 a.m. · 3 views

PT-2024-22912 · Unknown · Px4-Autopilot

Name of the Vulnerable Software and Affected Versions: PX4 Autopilot version 1.14.0 Description: An issue in the mission_block.cpp component allows an attacker to manipulate the flight path, potentially causing crashes of the drone by altering the home point location. Recommendations: For PX4...

CVSS 6.6 · AI score 6.1 · EPSS 0.00112
Exploits 1 · References 7