163 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-45861
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in qdput Commit a475c5dd16e5 gfs2: Free quota data objects...
SUSE CVE-2026-45861
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in qdput Commit a475c5dd16e5 "gfs2: Free quota data objects synchronously" started freeing quota data objects during filesystem shutdown instead of putting them back onto the LRU list, but it failed ...
EUVD-2026-32327
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in qdput Commit a475c5dd16e5 "gfs2: Free quota data objects synchronously" started freeing quota data objects during filesystem shutdown instead of putting them back onto the LRU list, but it failed ...
CVE-2026-45861
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in qdput Commit a475c5dd16e5 "gfs2: Free quota data objects synchronously" started freeing quota data objects during filesystem shutdown instead of putting them back onto the LRU list, but it failed ...
UBUNTU-CVE-2026-45861
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in qdput Commit a475c5dd16e5 "gfs2: Free quota data objects synchronously" started freeing quota data objects during filesystem shutdown instead of putting them back onto the LRU list, but it failed ...
CVE-2026-45861
CVE-2026-45861 refers to a Linux kernel vulnerability in the GFS2 file system. The root cause is a slab-use-after-free: during filesystem shutdown, quota data objects were freed without being removed from the LRU list due to the change in the a475c5dd16e5 sequence. As a result, the shrinker (gfs2...
CVE-2026-45861 gfs2: Fix slab-use-after-free in qd_put
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in qdput Commit a475c5dd16e5 "gfs2: Free quota data objects synchronously" started freeing quota data objects during filesystem shutdown instead of putting them back onto the LRU list, but it failed ...
PT-2026-43728
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in qd put Commit a475c5dd16e5 "gfs2: Free quota data objects synchronously" started freeing quota data objects during filesystem shutdown instead of putting them back onto the LRU list, but it failed...
Important: jq security update
jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fixes: jq: out-of-bounds read in...
PHP SQL注入漏洞
PHP is an open-source scripting language executed on the server side. Versions of PHP prior to 8.2.31, 8.3.31, 8.4.21, and 8.5.6 have a SQL injection vulnerability. This vulnerability stems from the improper handling of NUL bytes by the PDO Firebird driver when processing SQL queries, which can...
CVE-2026-5394 Pimcore Platform v12.3.3 - SQL Injection in DataObject composite index handling
An authenticated administrative user who can import or save DataObject class definitions can inject attacker-controlled composite index metadata and trigger unintended SQL execution in the backend. This issue affects pimcore: 12.3.3...
EUVD-2021-23041
SQL Injection vulnerability exists in Sourcecodester Online Job Portal phppdo 1.0 ivia the category parameter in /jobportal/index.php...
CVE-2025-12063
An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions...
CVE-2025-12063
An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions...
CVE-2025-12063
An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions...
CVE-2025-12063
An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions...
CVE-2025-12063
An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions...
PT-2026-7233
An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions...
php: PHP: Denial of Service via invalid character sequence in PDO PostgreSQL prepared statement
A flaw was found in PHP. When the PDO PHP Data Objects PostgreSQL driver is configured with PDO::ATTREMULATEPREPARES enabled, a remote attacker can exploit a vulnerability by providing an invalid character sequence within a prepared statement parameter. This can cause a null pointer dereference,...
OESA-2026-1024 php security update
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...