12 matches found
CVE-2026-53071
CVE-2026-53071 concerns the Linux kernel Bluetooth L2CAP implementation. The flaw arises when l2cap_ecred_reconf_rsp() deletes a channel without holding l2cap_chan_lock(), unlike other callers which acquire the lock first. This can allow a remote BLE device to corrupt the channel list while anoth...
EUVD-2023-24067
Malicious code in bioql PyPI...
EUVD-2024-1440
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-49909
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix use-after-free in l2capconndel When l2caprecvframe is invoked to recei...
CVE-2023-1865
The YourChannel plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check when resetting plugin settings via the yrcnuke GET parameter in versions up to, and including, 1.2.3. This makes it possible for unauthenticated attackers to delete YouTube channels...
kernel: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2capchantimeout There is a race condition between l2capchantimeout and l2capchandel. When we use l2capchandel to delete the channel, the chan-conn will be set to null. But the conn could b...
kernel: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2capchantimeout There is a race condition between l2capchantimeout and l2capchandel. When we use l2capchandel to delete the channel, the chan-conn will be set to null. But the conn could b...
DEBIAN-CVE-2024-27399
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2capchantimeout There is a race condition between l2capchantimeout and l2capchandel. When we use l2capchandel to delete the channel, the chan-conn will be set to null. But the conn could b...
SUSE CVE-2024-27399
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2capchantimeout There is a race condition between l2capchantimeout and l2capchandel. When we use l2capchandel to delete the channel, the chan-conn will be set to null. But the conn could b...
PT-2023-17294 · WordPress · Yourchannel
Name of the Vulnerable Software and Affected Versions: YourChannel plugin for WordPress versions up to, and including, 1.2.3 Description: The issue is related to a missing capability check when resetting plugin settings via the yrc nuke GET parameter. This allows unauthenticated attackers to dele...
SUSE-SU-2019:2521-1 Security update for SUSE Manager Server 3.2
This update fixes the following issues: cobbler: - Jinja2 template library fix bsc1141661 pgjdbc-ng: - Allow dots in database name bsc1146416 py26-compat-salt: - Get tornado dependency from the system on SLE12 bsc1149409 - Catch SSLError for TLS 1.2 bootstraps with RES/RHEL6 and SLE11 bsc1147126...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in OpenX 2.8.11 and earlier allow remote attackers to hijack the authentication of administrators for requests that delete 1 users via admin/agency-user-unlink.php, 2 advertisers via admin/advertiser-delete.php, 3 banners via...