Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: qca – fixed an issue where information was leaked when retrieving the board ID. A missing sanity check was added when retrieving the board ID to prevent the leakage of slab data when requesting the firmware later...

CVE-2026-25564

WeKan versions prior to 8.19 contain an insecure direct object reference IDOR in checklist creation and related checklist routes. The implementation does not verify that the supplied cardId belongs to the supplied boardId, allowing cross-board ID tampering by manipulating identifiers...

CVE-2026-1896

A vulnerability has been found in WeKan up to 8.20. Affected by this vulnerability is the function ComprehensiveBoardMigration of the file server/migrations/comprehensiveBoardMigration.js of the component Migration Operation Handler. The manipulation of the argument boardId leads to improper acce...

CVE-2026-1896 WeKan Migration Operation comprehensiveBoardMigration.js ComprehensiveBoardMigration MigrationBleed access control

A vulnerability has been found in WeKan up to 8.20. Affected by this vulnerability is the function ComprehensiveBoardMigration of the file server/migrations/comprehensiveBoardMigration.js of the component Migration Operation Handler. The manipulation of the argument boardId leads to improper acce...

CVE-2026-1896

A vulnerability has been found in WeKan up to 8.20. Affected by this vulnerability is the function ComprehensiveBoardMigration of the file server/migrations/comprehensiveBoardMigration.js of the component Migration Operation Handler. The manipulation of the argument boardId leads to improper acce...

CVE-2026-1894

A vulnerability was detected in WeKan up to 8.20. This impacts an unknown function of the file models/checklistItems.js of the component REST API. Performing a manipulation of the argument item.cardId/item.checklistId/card.boardId results in improper authorization. Remote exploitation of the atta...

CVE-2026-1894

A vulnerability was detected in WeKan up to 8.20. This impacts an unknown function of the file models/checklistItems.js of the component REST API. Performing a manipulation of the argument item.cardId/item.checklistId/card.boardId results in improper authorization. Remote exploitation of the atta...

CVE-2026-1894 WeKan REST API checklistItems.js Checklist REST Bleed improper authorization

A vulnerability was detected in WeKan up to 8.20. This impacts an unknown function of the file models/checklistItems.js of the component REST API. Performing a manipulation of the argument item.cardId/item.checklistId/card.boardId results in improper authorization. Remote exploitation of the atta...

PT-2026-6073

Name of the Vulnerable Software and Affected Versions Wekan versions up to 8.20 Description A security issue exists in Wekan’s REST API component, specifically within the file models/checklistItems.js. Manipulation of the arguments item.cardId, item.checklistId, and card.boardId can lead to...

PT-2026-6075

Name of the Vulnerable Software and Affected Versions WeKan versions prior to 8.21 Description A flaw exists in WeKan that allows for improper access controls. This is due to the manipulation of the boardId argument within the ComprehensiveBoardMigration function located in the file...

WeKan 授权问题漏洞

WeKan is an open-source dashboard application developed by WeKan. Versions of WeKan prior to 8.20 contained a vulnerability related to authorization issues. This vulnerability arose from improper authorization handling when operating on the parameters item.cardId, item.checklistId, and card.board...

CVE-2020-24456

Incorrect default permissions in the IntelR Board ID Tool version v.1.01 may allow an authenticated user to potentially enable escalation of privilege via local access...

EUVD-2020-17176

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2024-36033

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching board id Add the missing sanity check when...

SUSE CVE-2024-36033

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching board id Add the missing sanity check when fetching the board id to avoid leaking slab data when later requesting the firmware...

DEBIAN-CVE-2024-36033

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching board id Add the missing sanity check when fetching the board id to avoid leaking slab data when later requesting the firmware...

UBUNTU-CVE-2024-36033

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching board id Add the missing sanity check when fetching the board id to avoid leaking slab data when later requesting the firmware...

CVE-2024-36033

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching board id Add the missing sanity check when fetching the board id to avoid leaking slab data when later requesting the firmware...

CVE-2024-36033 Bluetooth: qca: fix info leak when fetching board id

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching board id Add the missing sanity check when fetching the board id to avoid leaking slab data when later requesting the firmware...

PT-2024-9028 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a Bluetooth component in the Linux kernel, specifically the qca module, which has a problem with incorrect input validation. This can lead to an information lea...