Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mwifiex: bring down the link before deleting the interface We can encounter a deadlock when using rmmod to remove the driver or during firmware reset. This is because the cfg80211unregisterwdev function must bring down the link f...

CVE-2025-66292 DPanel has an arbitrary file deletion vulnerability in /api/common/attach/delete interface

DPanel is an open source server management panel written in Go. Prior to 1.9.2, DPanel has an arbitrary file deletion vulnerability in the /api/common/attach/delete interface. Authenticated users can delete arbitrary files on the server via path traversal. When a user logs into the administrative...

EUVD-2026-2730

DPanel is an open source server management panel written in Go. Prior to 1.9.2, DPanel has an arbitrary file deletion vulnerability in the /api/common/attach/delete interface. Authenticated users can delete arbitrary files on the server via path traversal. When a user logs into the administrative...

CVE-2025-66292

DPanel (Go) has an arbitrary file deletion vulnerability in the /api/common/attach/delete interface. The Delete function passes the user-supplied path to storage.Local{}.GetSaveRealPath and then os.Remove without sanitizing path traversal (../), with filepath.Join in local.go resolving traversal ...

CVE-2025-66292 DPanel has an arbitrary file deletion vulnerability in /api/common/attach/delete interface

DPanel is an open source server management panel written in Go. Prior to 1.9.2, DPanel has an arbitrary file deletion vulnerability in the /api/common/attach/delete interface. Authenticated users can delete arbitrary files on the server via path traversal. When a user logs into the administrative...

kernel: net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF.

In the Linux kernel, the following vulnerability has been resolved: net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF. SIOCBRDELIF is passed to devioctl first and later forwarded to brioctlcall, which causes unnecessary RTNL dance and the splat below 0 under RTNL pressure. Let's say Thread A...

PT-2025-44481

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to CCM 3.1.6 Nagios XI versions prior to 5.8.8 Description The Core Config Manager CCM in Nagios XI is susceptible to a cross-site scripting XSS issue through the search and deletion interfaces. Insufficient validation...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI CCM versions prior to 3.1.6 and Nagios XI version 5.8.8, which...

CVE-2019-17378

cPanel before 82.0.15 allows self XSS in the SSL Key Delete interface SEC-526...

SUSE CVE-2025-22111

In the Linux kernel, the following vulnerability has been resolved: net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF. SIOCBRDELIF is passed to devioctl first and later forwarded to brioctlcall, which causes unnecessary RTNL dance and the splat below 0 under RTNL pressure. Let's say Thread A...

CVE-2025-22111

In the Linux kernel, the following vulnerability has been resolved: net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF. SIOCBRDELIF is passed to devioctl first and later forwarded to brioctlcall, which causes unnecessary RTNL dance and the splat below 0 under RTNL pressure. Let's say Thread A...

DataEase API interface has IDOR vulnerability

Impact The api interface for DataEase delete dashboard and delete system messages is vulnerable to IDOR. The interface to delete the dashboard: 1. Create two users: user1 and user2 2. User1 creates a dashboard named pan1 3. User2 creates a dashboard named pan2 4. Both user1 and user2 share their...

CVE-2022-31884

Marval MSM v14.19.0.12476 has an Improper Access Control vulnerability which allows a low privilege user to delete other users API Keys including high privilege and the Administrator users API Keys...

CVE-2019-17378

cPanel before 82.0.15 allows self XSS in the SSL Key Delete interface SEC-526...