53 matches found
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: Use kobject release method to free dbsdata The struct dbsdata embeds a struct govattrset and the struct govattrset embeds a kobject. Since every kobject must have a release method and we can't use kfree to free...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005020)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005020 advisory. In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: Use kobject release method to free dbsdata The struct dbsdata embeds a struct...
CVE-2019-7546
An issue was discovered in SIDU 6.0. The dbs parameter of the conn.php page has a reflected Cross-site Scripting XSS vulnerability...
EUVD-2019-17086
Malware in sbrugna...
EUVD-2022-0401
Malicious code in bioql PyPI...
CVE-2022-34558
WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package...
SUSE CVE-2022-49513
In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: Use kobject release method to free dbsdata The struct dbsdata embeds a struct govattrset and the struct govattrset embeds a kobject. Since every kobject must have a release method and we can't use kfree to free...
DEBIAN-CVE-2022-49513
In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: Use kobject release method to free dbsdata The struct dbsdata embeds a struct govattrset and the struct govattrset embeds a kobject. Since every kobject must have a release method and we can't use kfree to free...
UBUNTU-CVE-2022-49513
In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: Use kobject release method to free dbsdata The struct dbsdata embeds a struct govattrset and the struct govattrset embeds a kobject. Since every kobject must have a release method and we can't use kfree to free...
dbs-arch (>=0.2.2 <=0.2.3), dbs-boot (>=0.3.0 <=0.4.0) +7 more potentially affected by unknown CVE via kvm-ioctls (>=0.10.0 <=0.18.0)
kvm-ioctls CARGO version =0.10.0, =0.2.2, =0.3.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.0.29, =0.2.0 Source cves: unknown CVE Source advisory: OSV:GHSA-3QX8-RV27-J6GP...
Toyota confirms customer and employee data stolen, says breach at third party to blame
Last week, a cybercriminal using the handle ZeroSevenGroup dumped 240GB of data on the infamous stolen data site BreachForums, that they said came from a hack on the US branch of car manufacturer Toyota. ZeroSevenGroup claims the dump includes customer and employee data. ZeroSevenGroup posted the...
BIT-NODE-2022-32212
A OS Command Injection vulnerability exists in Node.js versions 14.20.0, 16.20.0, 18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks...
BIT-NODE-2022-43548
A OS Command Injection vulnerability exists in Node.js versions 14.21.1, 16.18.1, 18.12.1, 19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.Th...
kernel: cpufreq: governor: Use kobject release() method to free dbs_data
A vulnerability was found in the Linux kernel's cpufreq subsystem. The dbsdata struct, which embeds a kobject, improperly attempts to free the struct using kfree rather than through the proper release method. This issue can lead to a use-after-free scenario, resulting in system instability, memor...
kernel: cpufreq: governor: Use kobject release() method to free dbs_data
A vulnerability was found in the Linux kernel's cpufreq subsystem. The dbsdata struct, which embeds a kobject, improperly attempts to free the struct using kfree rather than through the proper release method. This issue can lead to a use-after-free scenario, resulting in system instability, memor...
K000133494: Node.js vulnerability CVE-2022-43548
Security Advisory Description A OS Command Injection vulnerability exists in Node.js versions 14.21.1, 16.18.1, 18.12.1, 19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests...
CBL Mariner 2.0 Security Update: nodejs (CVE-2022-43548)
The version of nodejs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-43548 advisory. - A OS Command Injection vulnerability exists in Node.js versions 14.21.1, 16.18.1, 18.12.1, 19.0.1 due to an...
java-17-openjdk security and bug fix update
1:17.0.6.0.10-3 - Add missing release note for JDK-8295687 - Resolves: rhbz2160111 1:17.0.6.0.10-3 - Update FIPS support to bring in latest changes - OJ1357: Fix issue on FIPS with a SecurityManager in place - Related: rhbz2147473 1:17.0.6.0.10-3 - Fix flatpak builds by disabling TestTranslations...
CVE-2022-43548
A OS Command Injection vulnerability exists in Node.js versions 14.21.1, 16.18.1, 18.12.1, 19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.Th...
CVE-2022-43548
A OS Command Injection vulnerability exists in Node.js versions 14.21.1, 16.18.1, 18.12.1, 19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.Th...