29 matches found
CVE-2026-9449
Technical details about CVE-2026-9449 are not publicly available in the provided documents. Monitor for updates; no vendor/product/version specifics or remediation are disclosed here.
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/set_memory: Spinlock recursion in change_page_attr was avoided. The commit 1f9ad21c3b38 “powerpc/mm: Implement set_memory routines” included a spinlock call in change_page_attr to safely perform the three-step operations...
Security Bulletin: TS4500 Tape Library/Diamondback Tape Library addresses security vulnerability CVE-2025-36239
Summary: The Web UI page that prompts a user to change their expired password was vulnerable to cross-site scripting (XSS), because a URL parameter was used directly in HTML output without sanitization. An authenticated user with access to this page could inject arbitrary JavaScript. The impact was...
EUVD-2025-1636
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-0376
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An XSS vulnerability exists in GitLab CE/EE affecting all versions from 13.3 prior to 17.6.5, 17.7 prior to 17.7.4 and 17.8 prior to 17.8.2 that allows an...
PHPGurukul e-Diary Management System security vulnerability
The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a session hijacking vulnerability that stems from improper session invalidation of the component /edms/change-password.php. No details of the vulnerability are available at this time...
CVE-2024-24818
EspoCRM is an Open Source Customer Relationship Management software. An attacker can inject arbitrary IP or domain in "Password Change" page and redirect victim to malicious page that could lead to credential stealing or another attack. This vulnerability is fixed in 8.1.2...
CVE-2018-13313
In TOTOLINK A3002RU 1.0.8, the router provides a page that allows the user to change their account name and password. This page, password.htm, contains JavaScript which is used to confirm the user knows their current password before allowing them to change their password. However, this JavaScript...
CVE-2021-47632
In the Linux kernel, the following vulnerability has been resolved: powerpc/set_memory: Avoid spinlock recursion in change_page_attr. Commit 1f9ad21c3b38 "powerpc/mm: Implement set_memory routines" included a spinlock to change_page_attr in order to safely perform the three step operations. But then...
DEBIAN-CVE-2021-47632
In the Linux kernel, the following vulnerability has been resolved: powerpc/set_memory: Avoid spinlock recursion in change_page_attr. Commit 1f9ad21c3b38 "powerpc/mm: Implement set_memory routines" included a spinlock to change_page_attr in order to safely perform the three step operations. But then...
CVE-2021-47632
In the Linux kernel, the following vulnerability has been resolved: powerpc/set_memory: Avoid spinlock recursion in change_page_attr. Commit 1f9ad21c3b38 "powerpc/mm: Implement set_memory routines" included a spinlock to change_page_attr in order to safely perform the three step operations. But then...
UBUNTU-CVE-2021-47632
In the Linux kernel, the following vulnerability has been resolved: powerpc/set_memory: Avoid spinlock recursion in change_page_attr. Commit 1f9ad21c3b38 "powerpc/mm: Implement set_memory routines" included a spinlock to change_page_attr in order to safely perform the three step operations. But then...
CVE-2021-47632 powerpc/set_memory: Avoid spinlock recursion in change_page_attr()
In the Linux kernel, the following vulnerability has been resolved: powerpc/set_memory: Avoid spinlock recursion in change_page_attr. Commit 1f9ad21c3b38 "powerpc/mm: Implement set_memory routines" included a spinlock to change_page_attr in order to safely perform the three step operations. But then...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from spin-lock recursion in the change_page_attr function...
CVE-2025-0376
An XSS vulnerability exists in GitLab CE/EE affecting all versions from 13.3 prior to 17.6.5, 17.7 prior to 17.7.4 and 17.8 prior to 17.8.2 that allows an attacker to execute unauthorized actions via a change page...
CVE-2025-0376
CVE-2025-0376 is a cross-site scripting (XSS) vulnerability in GitLab CE/EE. Affected versions are GitLab 13.3 up to 17.6.5, 17.7 up to 17.7.4, and 17.8 up to 17.8.2, where an attacker can modify a page to execute unauthorized actions. Public sources consistently describe the issue as an XSS on a...
PT-2025-6782 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.3 through 17.6.5; GitLab CE/EE versions 17.7 through 17.7.4; GitLab CE/EE versions 17.8 through 17.8.2. Description: An XSS (Cross-Site Scripting) vulnerability exists in GitLab CE/EE that allows an attacker to execute...
RockOA Security Breach
RockOA Xinhu is an open source office OA system. A security vulnerability exists in Xinhu RockOA v2.6.3, which originates from the inclusion of a Reflected Cross-Site Scripting (XSS) vulnerability via the /kaoqin/tplkaoqinlocationchange.html component...
Online Blood Bank Management System SQL injection vulnerability
Online Blood Bank Management System is an online blood bank management system. Itsourcecode Online Blood Bank Management System version 1.0 suffers from a SQL injection vulnerability that originates from changepwd.php containing an unknown function that causes SQL injection via the parameter...
BIT-ESPOCRM-2024-24818
EspoCRM is an Open Source Customer Relationship Management software. An attacker can inject arbitrary IP or domain in "Password Change" page and redirect victim to malicious page that could lead to credential stealing or another attack. This vulnerability is fixed in 8.1.2...