27 matches found
Astra Linux - vulnerability in linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: cfg80211: Calling cfg80211_stop_ap when switching from P2P_GO type. If the user-space tools switch from NL80211_IFTYPE_P2P_GO to NL80211_IFTYPE_ADHOC via sendmsg(NL80211_CMD_SET_INTERFACE), it does not call the cleanup function cfg80211_stop_ap()...
Linux Distros Unpatched Vulnerability : CVE-2026-31426
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ACPI: EC: clean up handlers on probe failure in acpi_ec_setup(). When ec_install_handlers() returns -EPROBE_DEFER on reduced-hardware platforms, it has already started th...
WordPress plugin ElementsKit Elementor Addons and Templates Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress plugin ElementsKit Elementor Addon...
CVE-2026-21438 webtransport-go affected by a Memory Exhaustion Attack due to Missing Cleanup of Streams Map
webtransport-go is an implementation of the WebTransport protocol. Prior to 0.10.0, an attacker can cause unbounded memory consumption by repeatedly creating and closing many WebTransport streams. Closed streams were not removed from an internal session map, preventing garbage collection of their...
CVE-2022-50727
In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efct_device_init(). In efct_device_init(), when efct_scsi_reg_fc_transport() fails, efct_scsi_tgt_driver_exit() is not called to release memory for efct_scsi_tgt_driver_init() and causes memleak: unreferenced object...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986418)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986418 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/qib: Fix memory leak in qib_user_sdma_queue_pkts(). The wrong goto label was used for the error case...
Linux Distros Unpatched Vulnerability : CVE-2021-29649
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 5.11.11. The user mode driver (UMD) has a copy_process() memory leak, related to a lack of cleanup steps in...
PT-2025-27960
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to the atmtcp_c_send() function in the Linux kernel, where it accesses skb->data as struct atmtcp_hdr after checking if skb->len is 0, but this check is not sufficient...
FreeScout Cross-Site Scripting Vulnerability
FreeScout is an ultra-lightweight free open source helpdesk and shared inbox built using PHP Laravel framework by FreeScout. FreeScout suffers from a cross-site scripting vulnerability that stems from a lack of input validation and cleanup in the Session::flash function, no details of the...
CVE-2025-21661
In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix missing lookup table cleanups When a virtuser device is created via configfs and the probe fails due to an incorrect lookup table, the table is not removed. This prevents subsequent probe attempts from...
CVE-2024-43314
CVE-2024-43314 affects WordPress Asset CleanUp: Page Speed Booster (versions up to 1.3.9.3). Root cause: Missing/Incorrectly configured access control (Missing Authorization) enabling unauthorized access to assets. Impact: High (as per NVD CVSS 3.1 base score 8.8, high confidentiality, integrity,...
Rancher Security Vulnerability
Rancher is an open source container management platform from the US-based Rancher Open Source, built for organizations deploying containers in production environments. A security vulnerability exists in Rancher versions prior to 2.7.14 and prior to 2.8.5, which stems from a failure to automatical...
git-shallow-clone Security Vulnerability
git-shallow-clone is a library for dipesh individual developers. A security vulnerability exists in git-shallow-clone, which stems from a lack of cleanup or mitigation flags and is vulnerable to command injection attacks...
kernel: nf_tables: use-after-free in nft_chain_lookup_byid()
A use-after-free flaw was found in the Linux kernel's Netfilter module in net/netfilter/nf_tables_api.c in nft_chain_lookup_byid(). This flaw allows a local attacker to cause a local privilege escalation issue due to a missing cleanup...
DEBIAN-CVE-2023-22995
In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls...
UBUNTU-CVE-2023-22995
In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls...
SUSE CVE-2016-9914
Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in FileOperations...
Boodskap IoT Platform Cross-Site Scripting Vulnerability
Boodskap IoT Platform is an IoT platform from Boodskap, Inc. A security vulnerability exists in Boodskap IoT Platform version v4.4.9-02 that stems from its application not enforcing input validation and output cleanup across multiple functions resulting in multiple cross-site scripts...
Multiple XWiki Platform Products Code Injection Vulnerability
XWiki Platform is a suite of Wiki platforms for creating web collaboration applications from XWiki France. A security vulnerability exists in the XWiki Platform Tag UI versions prior to 13.10.6 and 14.4, which stems from the fact that the tag document "Main.Tags" is not properly cleaned up from...
kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device
A denial of service flaw was found in mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c in the usb subsystem of the Linux kernel. This is due to a missing clean-up for a malfunctioning usb device with an unknown recv_type...