CVE-2025-54891 A user with elevated privileges can inject XSS in the ACL Resource Access configuration page

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring ACL Resource access configuration modules allows Stored XSS by users with elevated privileges. This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, fr...

CVE-2024-37021

Technical details for CVE-2024-37021 are not publicly available in the provided connected documents. The initial description references fpga_manager owner/refcount changes in the Linux kernel, but no further technical specifics (affected products/versions/fixes) are given here. Monitor for updates.

CVE-2021-47304

In the Linux kernel, the following vulnerability has been resolved: tcp: fix tcpinittransfer to not reset icskcainitialized This commit fixes a bug found by syzkaller that could cause spurious double-initializations for congestion control modules, which could cause memory leaks or other problems...

CVE-2021-47304 tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized

In the Linux kernel, the following vulnerability has been resolved: tcp: fix tcpinittransfer to not reset icskcainitialized This commit fixes a bug found by syzkaller that could cause spurious double-initializations for congestion control modules, which could cause memory leaks or other problems...

CVE-2021-47304

CVE-2021-47304 : Linux kernel fix for tcp_init_transfer() resetting icsk_ca_initialized, which could cause double-initializations of congestion-control modules (e.g., CDG) and memory leaks. Root cause: after tcp_init_transfer(), icsk_ca_initialized could be reset to 0 without a prior cc->relea...

OTRS 代码注入漏洞

OTRS is an application from OTRS Germany. A service management software. A security vulnerability exists in OTRS AG OTRS ACL modules, OTRS AG OTRS Community Edition ACL modules, which originates from improper input validation. An attacker could use this vulnerability to locally execute arbitrary...

DRUPAL-CONTRIB-2022-058

This module enables themers to get partial data from field render arrays. It gives them more control over the output without drilling deep into the render array or using preprocess functions. The module doesn't sufficiently apply access restrictions when using the filters field\label, field\value...

Continental AG Infineon S-Gold 2 (PMB 8876)

CVSS v3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available. Vendor: Continental AG Equipment: Infineon S-Gold 2 PMB 8876 Vulnerabilities: Stack-Based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer AFFECTED PRODUC...

Check Point Abra Bypass / Command Execution

Exploit for php platform in category web applications Check Point Abra Vulnerabilities Vendor: Check Point Software Technologies Ltd Product web page: http://rus.checkpoint.com/products/abra/index.html; http://www.checkpoint.com/products/go/ Platforms: Windows XP, Vista, 7 32 bit Authors: Belov V...

Check Point Abra Bypass / Command Execution

Check Point Abra Vulnerabilities Vendor: Check Point Software Technologies Ltd Product web page: http://rus.checkpoint.com/products/abra/index.html; http://www.checkpoint.com/products/go/ Platforms: Windows XP, Vista, 7 32 bit Authors: Belov V., Komarov A. Group-IB Summary: Check Point Abra allow...