6047 matches found
E-Commerce-PHP 代码注入漏洞
E-Commerce-PHP is an e-commerce application using native PHP by the individual developer Kurnia Ramadhan Putra. A code injection vulnerability exists in E-Commerce-PHP version 1.0, which stems from the parameter Name in the file /admin/createproduct.php can lead to cross-site scripting attacks...
SUSE CVE-2024-56600
In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6create sockinitdata attaches the allocated sk pointer to the provided sock object. If inet6create fails later, the sk object is released, but the sock object retains the...
SUSE CVE-2024-56601
In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inetcreate sockinitdata attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains the dangling...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates in the rawnand submodule of the mtd module, where the allocation of the "user" pointer in the...
OSV-2025-4 Heap-buffer-overflow in ___interceptor_pthread_create
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=386713390 Crash type: Heap-buffer-overflow READ 8 Crash state: interceptorpthreadcreate...
MAL-2025-9 Malicious code in create-shopify-web-app (npm)
This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 060088163bdd31721ea28bf31315bd2e50c4dd13215f62116756f66a3b69af83 Any computer that has this package install...
PT-2025-52665
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc1-next Description The Linux kernel contains an issue within the jbd2 journaling system. A bug can occur in the jbd2 journal get create access function when the file system is corrupted. Specifically, th...
PT-2025-30870
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the ipmi create user function within the IPMI message handler. An invalid pointer in the "intf" list iterator can occur if the correct "intf-intf num"...
DEBIAN-CVE-2024-56755
In the Linux kernel, the following vulnerability has been resolved: netfs/fscache: Add a memory barrier for FSCACHEVOLUMECREATING In fscachecreatevolume, there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situation where, after a...
UBUNTU-CVE-2024-56755
In the Linux kernel, the following vulnerability has been resolved: netfs/fscache: Add a memory barrier for FSCACHEVOLUMECREATING In fscachecreatevolume, there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situation where, after a...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from inetcreate in the net:inet module not clearing the dangling sk pointer, which could lead to reuse after...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS through the /admin/articles/create endpoint due to improper user input sanitization. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a malicious script into an...
DEBIAN-CVE-2024-56606
In the Linux kernel, the following vulnerability has been resolved: afpacket: avoid erroring out after sockinitdata in packetcreate After sockinitdata the allocated sk object is attached to the provided sock object. On error, packetcreate frees the sk object leaving the dangling pointer in the so...
AZL-55242 CVE-2024-56606 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: afpacket: avoid erroring out after sockinitdata in packetcreate After sockinitdata the allocated sk object is attached to the provided sock object. On error, packetcreate frees the sk object leaving the dangling pointer in the so...
AZL-55187 CVE-2024-56606 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: afpacket: avoid erroring out after sockinitdata in packetcreate After sockinitdata the allocated sk object is attached to the provided sock object. On error, packetcreate frees the sk object leaving the dangling pointer in the so...
DEBIAN-CVE-2024-56601
In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inetcreate sockinitdata attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains the dangling...
AZL-55539 CVE-2024-56601 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inetcreate sockinitdata attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains the dangling...
AZL-55576 CVE-2024-56600 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6create sockinitdata attaches the allocated sk pointer to the provided sock object. If inet6create fails later, the sk object is released, but the sock object retains the...
AZL-55491 CVE-2024-56600 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6create sockinitdata attaches the allocated sk pointer to the provided sock object. If inet6create fails later, the sk object is released, but the sock object retains the...
UBUNTU-CVE-2024-56601
In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inetcreate sockinitdata attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains the dangling...