3 matches found
CVE-2026-12746
Dancer2::Plugin::Auth::OAuth::Provider (Perl) prior to v0.23 lacks OAuth 2.0 state handling. The authentication_url may omit a state value and the callback does not verify the callback corresponds to the initiating session, enabling login CSRF where an attacker can complete the victim’s authoriza...
UBUNTU-CVE-2025-40232
In the Linux kernel, the following vulnerability has been resolved: rv: Fully convert enabled_monitors to use list_head as iterator. The callbacks in enabled_monitors_seq_ops are inconsistent. Some treat the iterator as struct rv_monitor *, while others treat the iterator as struct list_head *. This causes...
SUSE CVE-2025-24975
Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...